SafeUM
Home Blog Services Download Help About Recharge

Axarhöfði 14, 110 Reykjavik, Iceland

Iceland - 2015
SafeUM
Blog
Services
Download
Help
About
Recharge
Menu
Archive
#cisco
21 Mar 2017

Cisco finds 0-Day in CIA dump affecting over 300 network switch models

Cisco is warning of a new critical zero-day IOS / IOS XE vulnerability that affects more than 300 of its switch models. The company identified this highest level of vulnerability in its product while analyzing "Vault 7" — a roughly 8,761 documents and files leaked by Wikileaks last week.

The vulnerability resides in the CMP processing code in Cisco IOS and Cisco IOS XE Software. If exploited, the flaw could allow an unauthenticated, remote attacker to cause a reboot of an affected device or remotely execute malicious code on the device with elevated privileges to take full control of the device.

Read more
Tags:
information leaks Cisco
Source:
The Hacker News
1870
8 Nov 2016

Cisco job applicants warned of potential mobile site data leak

Users of Cisco's Professional Careers mobile site, mjobs.cisco.com, have been warned of a potential leak of their data, which the networking giant is pinning on an incorrect security setting.

"Cisco's investigation found this to be the result of an incorrect security setting following system maintenance on a third-party's website," the company said in its advisory. "Upon learning this, the setting was immediately corrected and user passwords to the site were reset." The setting was found to be in place between August and September 2015, and July and August 2016, the company said.

Read more
Tags:
information leaks Cisco
Source:
ZDNet
1791
13 Oct 2016

Cisco warns of critical flaws in Nexus switches

Cisco released several critical software patches this week for its Nexus 7000-series switches and its NX-OS software. The vulnerabilities can allow remote access to systems, enabling a hacker to execute code or commands on targeted devices.

Both the Nexus 7000 and 7700 series switches are susceptible to overlay transport virtualization buffer overflow flaws. This bug is due to incomplete input validation performed on the size of overlay transport virtualization packet header parameters. Exploiting this vulnerability can result in a buffer overflow and open the door for an attacker to execute arbitrary code and obtain full control of the system. 

Read more
Tags:
Cisco information leaks
Source:
Threatpost
1936
21 Sep 2016

Cisco finds new zero-day exploit linked to NSA hackers

Network equipment vendor Cisco is finally warning its customers of another zero-day vulnerability the company discovered in the trove of NSA's hacking exploits and implants leaked by the group calling itself "The Shadow Brokers."

Last month, the Shadow Brokers published firewall exploits, implants, and hacking tools allegedly stolen from the NSA's Equation Group, which was designed to target major vendors including, Cisco, Juniper, and Fortinet. Cisco analyzed the exploit and noted that it had not identified any new flaws related to this exploit in its current products.

Read more
Tags:
NSA Cisco hackers information leaks
Source:
The Hacker News
2474
8 Apr 2016

Cisco high severity flaw lets malware bypass FirePower Firewall

Technology vendor Cisco is pushing out security updates to customers to address a critical vulnerability found in its recently introduced line of FirePower firewall products. The vulnerability, according to Cisco, allows attackers to slip malware onto critical systems without detection.

The flaw also impacts Snort, an open source network-based intrusion detection system also owned by Cisco. Cisco alerted customers of the vulnerability last week classifying it as “high severity”. Impacted Cisco hardware include several Firepower firewall appliances, its Next Generation Intrusion Prevention System for both Blue Coat and VMware security services.

Read more
Tags:
Cisco information leaks
Source:
Threatpost
2046
13 Oct 2015

Attackers target organizations via Cisco WebVPN

A Cisco VPN product has been targeted by malicious actors looking to steal sensitive credentials and maintain access to compromised networks, according to incident response and threat intelligence company Volexity.

The security firm says it has spotted attacks against several organizations via the Cisco Clientless SSL VPN, a product that allows Cisco Adaptive Security Appliance customers to securely gain access to the corporate network via a web-based portal. Users can be allowed to access internal files and web resources using the VPN solution so it’s important to ensure that it’s properly protected against hacker attacks.

Read more
Tags:
Cisco information leaks
Source:
SecurityWeek
2145
18 Sep 2015

Backdoor malware found in Cisco routers

Mandiant has been involved in researches related to cyber defense. In their recent findings, a backdoor malware identified as the one compromising the principles of Cisco routers with features such as рaving an everlasting effect.

The malicious program is implanted in the router illicitly through the device’s firmware. The goal is achieved by modifying the router's firmware image, which exists even after the device gets a reboot. Also, it was reported about vulnerabilities in Belkin routers leading to privilege escalation and cyber attacks like man-in-the-middle attack. This is considered as an evident example where routers are being compromised on a large level.

Read more
Tags:
Cisco information leaks
Source:
The Hackers News
1951
14 Aug 2015

Cisco warns customers about attacks

Installing rogue firmware on embedded devices has long been a concern for security researchers, and it seems that such attacks have started to gain ground with hackers.

Cisco Systems warned customers that it is aware of a limited number of cases where attackers have replaced the boot firmware on devices running its IOS operating system. IOS runs on most Cisco routers and switches and provides a complex set of networking tools and features. Attackers used valid administrative credentials in order to replace the ROMMON image on IOS devices. For attackers, the benefit of installing a malicious image on a device is that it makes compromises persistent.

Read more
Tags:
Cisco information leaks hackers
Source:
PCWorld
2148
18 May 2014

Cisco boss calls on Obama to rein in surveillance

Cisco’s chief executive has written to President Barack Obama warning of a collapse of trust in US technology after evidence emerged showing the National Security Agency breaking into his company’s equipment.

In a letter John Chambers called for “standards of conduct” to rein in government surveillance so that national security objectives do not interfere with the US’s leading position in the global technology market. The letter was dated the day after pictures circulated on the internet showing NSA staff opening boxes of Cisco gear so that the US security agency can monitor internet traffic after the equipment has been shipped to customers. Mr Chambers complained that the NSA actions would undermine confidence among customers of US technology firms.

Read more
Tags:
Obama data protection NSA USA Cisco Snowden
Source:
The Financial Times
2418
SafeUM NEWS
27 Apr 2017 safeum news imgage Encrypted Group Chat
4 Apr 2017 safeum news imgage Each SafeUM user gets free anonymous phone number
10 Mar 2017 safeum news imgage SafeUM useful features to help you feel safe
28 Sep 2016 safeum news imgage Secure Messenger SafeUM
21 Jul 2015 safeum news imgage New secured zone of Google Play: secure messenger SafeUM for Android. Download, Install, Communicate
3 Apr 2015 safeum news imgage We are beginning to test SafeUM for Windows Phone
25 Feb 2015 safeum news imgage SafeUM messenger is available for public testing
20 Feb 2015 safeum news imgage Algorithms and encryption schemes used for secure messenger SafeUM
30 Jan 2015 safeum news imgage New "TOP Security!" app is on the App Store
22 Jan 2015 safeum news imgage Free "TOP Security!" app is available on Google Play
28 Oct 2014 safeum news imgage How are security keys generated in SafeUM?
19 Jun 2014 safeum news imgage SafeUM is the best messenger for data protection and information security
16 Jun 2014 safeum news imgage Become a SafeUM tester and get free PREMIUM subscription for a year
12 May 2014 safeum news imgage Why Premium secure messenger SafeUM cannot be free
25 Apr 2014 safeum news imgage Encrypted secure messaging for every mobile device
All news
SafeUM
Confidential Terms of Use Our technologies Company
Follow us
Download
SafeUM © Safe Universal Messenger

Axarhöfði 14,
110 Reykjavik, Iceland

Iceland - 2015