Security News > 2020 > July

Cisco informed customers on Wednesday that it has patched critical and high-severity vulnerabilities in its Data Center Network Manager network management platform. "The vulnerability exists because different installations share a static encryption key. An attacker could exploit this vulnerability by using the static key to craft a valid session token. A successful exploit could allow the attacker to perform arbitrary actions through the REST API with administrative privileges," Cisco explained.

A fresh Linux backdoor called Doki is infesting Docker servers in the cloud, researchers warn, employing a brand-new technique: Using a blockchain wallet for generating command-and-control domain names. The campaign starts with an increasingly common attack vector: The compromise of misconfigured Docker API ports.

The European Union imposed its first ever sanctions against alleged cyber attackers on Thursday, targeting Russian and Chinese individuals and a specialist unit of Moscow's GRU military intelligence agency. The best known of the targeted entities is the Main Centre for Special Technologies, a unit of the Main Directorate of the General Staff of the Armed Forces of the Russian Federation - better known as the GRU. This unit, based on Kirova Street in Moscow, is said to have carried out attacks known as NotPetya and EternalPetya in June 2017, hitting EU private companies with ransomware and blocking data.

Learn how to enable passwordless SSH authentication on both Linux and macOS. You probably secure shell into your Linux servers throughout the day. Hopefully, you've set those servers up such that you're using SSH Key Authentication.

The good news for most of us is that it relies on a bug in a bootloader program known as GRUB, short for Grand Unified Boot Loader, which is rarely found on Windows or Mac computers. The BootHole vulnerability is a parsing error in the GRUB bootloader that leads to a buffer overflow while the configuration file is being read in.

Network appliances and devices that still have their default credentials present a risk to your organization, says SecurityHQ. Think of all the routers, switches, appliances, and other devices that may be available and accessible on your network. In its blog post entitled "Notes from the Field. Don't Default on Password Security," SecurityHQ described the trap of default credentials.

A recent series of malware attacks on U.S.-based merchants suggest thieves are exploiting weaknesses in how certain financial institutions have implemented the technology to sidestep key chip card security features and effectively create usable, counterfeit cards. Virtually all chip-based cards still have much of the same data that's stored in the chip encoded on a magnetic stripe on the back of the card.

Cisco is warning of several critical and high-severity flaws in its Data Center Network Manager for managing network platforms and switches. DCNM is a platform for managing Cisco data centers that run Cisco's NX-OS - the network operating system used by Cisco's Nexus-series Ethernet switches and MDS-series Fibre Channel storage area network switches.

A vulnerability that Zoom addressed in its web client could have allowed an attacker to join private meetings by brute-forcing the passcode. Related to the lack of a limitation to the number of attempts allowed for checking the correct password for a meeting, the vulnerability could have allowed an attacker to join private meetings by simply trying all of the possible combinations.

The Vermont Department of Taxes may have been exposing taxpayer data that could be used in credential scams for more than three years due to a vulnerability in its online tax filing system. A notice posted on the department's website warned taxpayers who filed a Property Transfer Tax return through the department's online filing site between Feb. 1, 2017, and July 2, 2020, may have had their personal information leaked.