Cyber Security and Information Systems Information Analysis Center
Cisco Systems revealed in a security bulletin Wednesday that it "inadvertently" shipped in-house exploit code that was used in security tests of scripts as part of its TelePresence Video Communication Server and Expressway Series software. The code exploits the Dirty Cow vulnerability (CVE-2016-5195), a well-known privilege escalation vulnerability in the
https://threatpost.com/cisco-accidentally-released-dirty-cow-exploit-code-in-software/138888/
Wi-Fi signals from ordinary Wi-Fi equipment can be used to detect suspicious objects, such as bombs or weapons, inside people's bags or luggage, at schools, stadiums, museums, malls, or other public spaces.
An overhaul of a critical internet security protocol has been completed, with TLS 1.3 becoming an official standard late last week.
On Monday, the Wi-Fi Alliance, the organization that manages Wi-Fi technologies, announced the official release of WPA3. WPA3 is the latest version of Wi-Fi Protected Access (WPA), a user authentication technology for Wi-Fi connections.
https://www.bleepingcomputer.com/news/security/new-wpa3-wi-fi-standard-released/
The VPNFilter malware that infected over 500,000 routers and NAS devices across 54 countries during the past few months is much worse than previously thought.
A malicious campaign has compromised more than 40,000 machines globally, carrying out traffic-hijacking and cryptomining.
https://threatpost.com/operation-prowli-profits-on-weak-iot-devices-servers/132621/
A joint alert issued by the Department of Homeland Security (DHS), the Federal Bureau of Investigation (FBI), and the United Kingdom's National Cyber Security Centre (NCSC) warns that Russian state-sponsored cyber actors are actively targeting home and enterprise routers.
The Internet Engineering Task Force (IETF) - the organization that approves proposed Internet standards and protocols - has formally approved TLS 1.3 as the next major version of the Transport Layer Security (TLS) protocol.
https://www.bleepingcomputer.com/news/security/ietf-approves-tls-13-as-internet-standard/
Researchers have discovered malware so stealthy it remained hidden for six years despite infecting at least 100 computers worldwide.
DDoS attacks taking advantage of ill-advised use of memcached have begun to decline, either because sysadmins are securing the process, or because people are using a potentially-troublesome "kill switch."
http://www.theregister.co.uk/2018/03/12/memcached_cavalry_spotted_on_the_horizon/
The CSIAC is a DoD-sponsored Center of Excellence in the fields of Cybersecurity, Software Engineering, Modeling & Simulation, and Knowledge Management & Information Sharing.Learn More
| Phone: | 800-214-7921 |
| Email: | info@csiac.org |
| Address: | 266 Genesee St. Utica, NY 13502 |
