Summary The Cyber Fusion Center has learned of malicious, seemly automated, exploitation of recent Cisco IOS and Cisco IOS XE critical vulnerabilities (CVE-2018-0171 & CVE-2018-0156)
Category: Vulnerability Notification
Meltdown & Spectre Attacks on CPU Flaws
Summary On January 3rd 2018, several hardware flaws affecting modern processors were publicly disclosed by security researchers. These flaws are exploitable by attacks nicknamed “Meltdown”
Key Reinstallation Attacks (KRACK) affecting WPA Protocol – Advisory
Summary On October 16th, several vulnerabilities affecting the Wi-Fi Protected Access II (WPA2) protocol were disclosed by security researchers in coordination with the U.S CERT.
Security Advisory – Critical Apache Struts Vulnerability (CVE-2017-9805)
Summary On September 5, 2017, a critical remote code execution vulnerability (CVE-2017-9805) was disclosed in the Apache Struts framework. Apache Struts is a popular open
Shadow Broker’s April 2017 Release
Update – April 15, 2017 Microsoft has evaluated the exploits released by the Shadow Brokers and confirmed that the exploits previously through to be “zero-days”
Microsoft Office HTA Handler Vulnerability (CVE-2017-0199)
This past Friday Cisco publicly disclosed a software vulnerability in the Cisco Cluster Management Protocol in Cisco IOS and Cisco IOS XE software. The following is our action report for clients utilizing Cisco devices. Summary CVE-2017-3881 is a critical vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE software […]