Cisco has issued a warning to its customers regarding the critical OpenSSH ‘regreSSHion’ vulnerability discovered by researchers at Qualys. The advisory, published on July 5, 2024, identifies 42 affected products in various areas including network security, routing, and wireless. Updates with fixes are planned for four products, while others are still being evaluated for solutions. … Read more
Cisco issued a security advisory for a critical remote code execution vulnerability called “regreSSHion” affecting various products. The vulnerability, tracked as CVE-2024-6387, was disclosed by Qualys on July 1, 2024, and affects the OpenSSH server on glibc-based Linux systems, potentially allowing attackers to gain root access. The flaw is a regression of a previous vulnerability … Read more
Cisco has released a security advisory addressing a critical remote code execution (RCE) vulnerability known as “regreSSHion” which impacts various products. The vulnerability, labeled as CVE-2024-6387, was made public by the Qualys Threat Research Unit on July 1, 2024. It affects the OpenSSH server (sshd) on glibc-based Linux systems and could allow unauthorized attackers to … Read more
A cyberespionage group called “Velvet Ant,” believed to be aligned with China, recently exploited a zero-day vulnerability in Cisco Nexus devices. This flaw, identified as CVE-2024-20399, allows an attacker to execute arbitrary commands as root on the affected device. According to Sygnia researchers, this exploit led to the deployment of custom malware that enabled remote … Read more
Israeli cybersecurity firm Sygnia has uncovered a critical vulnerability in Cisco’s NX-OS software, impacting numerous Cisco Nexus devices used by organizations worldwide. The security flaw was exploited by the Chinese hacking group Velvet Ant for espionage purposes, marking it as one of the most advanced cyber attacks to date. Sygnia’s researchers identified the vulnerability while … Read more
Intel reassures the public that there is no cause for concern regarding a newly discovered attack targeting their CPUs. The attack, known as Indirector, exploits the Indirect Branch Predictor (IBP) and Branch Target Buffer (BTB) on high-end Intel CPUs. Researchers at the University of California, San Diego described Indirector as a high-precision BTI attack that … Read more
Intel has responded to a new attack method targeting their CPUs, called Indirector, by stating that no new mitigations are needed to address it. The attack, similar to Spectre v2, allows attackers to access sensitive data from a system’s memory. Researchers at the University of California, San Diego discovered that Indirector exploits the Indirect Branch … Read more
In a recent cyber attack, Chinese hackers were able to exploit a vulnerability in Cisco software to gain unauthorized access to sensitive information. The flaw in the software allowed them to infiltrate the system and retrieve data without detection. This incident highlights the ongoing threat posed by hackers and the need for companies to maintain … Read more
Recently, a group of Chinese hackers known as Velvet Ant has been identified as exploiting a zero-day vulnerability in new Cisco devices. The hackers, believed to be state-sponsored, have been using this vulnerability to gain unauthorized access to these devices and potentially carry out cyber attacks. The zero-day vulnerability allows the hackers to bypass security … Read more
A new security flaw called “Indirector” has been discovered by researchers at the University of California, San Diego, affecting 12th, 13th, and 14th generation Intel processors. This vulnerability, similar to previous threats like Spectre, Collapse, and Drop, can lead to the leakage of sensitive information from processors. The attack targets the indirect branch indicator (IBI) … Read more