[HackerNews] Critical Flaw Found in Older Cisco Small Business Routers Won’t Be Fixed

A critical vulnerability in Cisco Small Business Routers will not be patched by the networking equipment giant, since the devices reached end-of-life in 2019.
Tracked as CVE-2021-34730 (CVSS score: 9.8), the issue resides in the routers’ Universal Plug-and-Play (UPnP) service, enabling an unauthenticated, remote attacker to execute arbitrary code or cause an affected device to restart

Source: Read More (The Hacker News)

You might be interested in …

[SecurityWeek] Chinese Researchers Detail Linux Backdoor of NSA-Linked Equation Group

All posts, Security Week

A team of researchers from China’s Pangu Lab on Wednesday published a 50-page report detailing a piece of Linux malware allegedly used against many targets by the threat actor known as the Equation Group, which has been linked to the U.S. National Security Agency (NSA). read more Source: Read More (SecurityWeek RSS Feed)

Read More

[SecurityWeek] ICS Patch Tuesday: Siemens, Schneider Electric Address 43 Vulnerabilities

All posts, Security Week

The 15 new advisories released by Siemens and Schneider Electric this Patch Tuesday address a total of 43 vulnerabilities, including ones that have been assigned a “critical” severity rating. read more Source: Read More (SecurityWeek RSS Feed)

Read More

[TheRecord] FBI sees increase in use of virtual meeting platforms for BEC scams

The US Federal Bureau of Investigation said today that it had seen an increase in the use of virtual meeting platforms as a way to trick organizations into sending payments to the wrong accounts as part of a type of attack known as BEC scams. Typically, as their name suggests, business email compromise (BEC) scams usually take […]

Read More

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.