Summary On July 14th, 2020 Microsoft publicly disclosed the existence of a critical severity vulnerability in all recent versions of the Microsoft Windows Server operating
Author: Francisco Donoso
Francisco Donoso leads the Managed Security Services Architecture team here at Kudelski Security.
Security Advisory: F5 BIG-IP Critical Severity RCE Vulnerability CVE-2020-5902
Updated on July 7th, 2020: The Cyber Fusion Center has learned that the original mitigation guidance provided by F5 was incomplete and has been bypassed.
Critical Vulnerabilities Cisco Smart Install Actively Exploited to Cause Mass Network Outages (CVE-2018-0171 & CVE-2018-0156)
Summary The Cyber Fusion Center has learned of malicious, seemly automated, exploitation of recent Cisco IOS and Cisco IOS XE critical vulnerabilities (CVE-2018-0171 & CVE-2018-0156)
CVE-2018-010 – Cisco Updates Advisory Regarding Critical Remote Code Execution and Denial of Service Vulnerabilities in ASA and FTD software
Summary On February 5th, 2018 Cisco updated an existing vulnerability advisory for CVE-2018-010 due to newly discovered attack vectors and because the original software fix
Meltdown & Spectre Attacks on CPU Flaws
Summary On January 3rd 2018, several hardware flaws affecting modern processors were publicly disclosed by security researchers. These flaws are exploitable by attacks nicknamed “Meltdown”
Key Reinstallation Attacks (KRACK) affecting WPA Protocol – Advisory
Summary On October 16th, several vulnerabilities affecting the Wi-Fi Protected Access II (WPA2) protocol were disclosed by security researchers in coordination with the U.S CERT.
