Juniper releases out-of-band security update to fix vulnerability in J-Web and web based services
Juniper has released an out-of-band security update for a Junos OS vulnerability CVE-2020-1631 in J-Web and web based (HTTP/HTTPS) services.
Network Security
Securezoo Cybersecurity Threat Center blog posts regarding Network Security.
Alert: Threat actors continue to exploit patched Pulse Secure VPN devices
Organizations that are running Pulse Security VPN devices may still be at risk of being exploited, even if previously patched, according to a new Department of Homeland Security (DHS) advisory. The risk is elevated if an actor previously exploited CVE-2019-11510 and stole AD credentials from the victim organization.
Alert: Threat actors continue to exploit patched Pulse Secure VPN devices Read More »
FBI warns of video-teleconferencing hijacking “Zoom-bombing”
As the COVID-19 crisis continues to spread, larger numbers of enterprises and learning organizations are moving meetings and classrooms online via video-teleconferencing (VTC) platforms. The FBI has issued a new warning of recent VTC attacks and also offered guidance on how to better security VTC platforms.
FBI warns of video-teleconferencing hijacking “Zoom-bombing” Read More »
APT41 launches broad cyber campaign with multiple exploits
Researchers from FireEye have discovered Chinese cyber threat group APT41 carry out a broad cyber campaign between January 20 and March 11, 2020. The actors have attempted to exploit vulnerabilities in Citrix NetScaler/ADC, Cisco routers, and Zoho ManageEngine Desktop Central products against 75 FireEye customers.
APT41 launches broad cyber campaign with multiple exploits Read More »
Organizations need heightened level of Enterprise VPN security in the wake of Coronavirus Pandemic
To prepare for possible impacts of Coronavirus Disease 2019 (COVID-19), more organizations are electing to have their employees work remotely from home. With that responsibility, more organizations will need to adopt a heightened level of security to protect themselves from attackers who look to exploit weaknesses in enterprise virtual private networks (VPNs).
Cisco patches vulnerabilities in multiple products
Cisco has released security patches for Email Security Appliance, Webex, Prime Network Registrar, Intelligent Proximity and other products. Four of the vulnerabilities are High risk and another eight are rated Medium severity.
Cisco patches vulnerabilities in multiple products Read More »
Kr00k: Wi-Fi encryption vulnerability impacts billion+ devices
Security researchers have discovered a new vulnerability dubbed Kr00k (or “KrØØk”) that impacts devices with Broadcom and Cypress Wi-Fi chips.
Kr00k: Wi-Fi encryption vulnerability impacts billion+ devices Read More »
Cisco patches vulnerabilities in multiple products (one Critical CVE-2020-3158)
Cisco has released security updates for multiple products to include IOS, Email Security Appliance, Data Center Network Manager and other products. One of the updates also addresses a critical vulnerability in Cisco’s Smart Software Manager On-Prem.
Cisco patches vulnerabilities in multiple products (one Critical CVE-2020-3158) Read More »
Cisco security updates for Webex, IOS and other products
Cisco has released security updates for Webex, IOS, and other products. Two of the vulnerabilities are rated High severity and should be prioritized.
Cisco security updates for Webex, IOS and other products Read More »
Attackers continue to target unpatched Pulse Secure VPN systems
The Cybersecurity and Infrastructure Security Agency (CISA) issued a new warning that attackers continue to target unpatched Pulse Secure VPN systems.
Attackers continue to target unpatched Pulse Secure VPN systems Read More »