On Wednesday, Cisco issued patches for 30 flaws, including a grave bug affecting ASR 9000 Series Aggregation Services Routers running IOS XR 64-bit software.
The flaw, tracked as CVE-2019-1710 and containing a CVSS score of 9.8, could allow an unverified, distant attacker to get access to internal applications running on the sysadmin virtual machine (VM).
An advanced persistent threat (APT) is a wide-ranging term used to describe an attack drive in which a trespasser, or a group of trespassers, launches an illegitimate, long-term presence on a network in order to mine highly sensitive data. The targets of these attacks, which are very prudently selected and researched, classically include large enterprises or governmental networks.
Enterprise behemoth warns that several pre-auth remote code exec holes need to be pasted over
In its quarterly security updates released today, Oracle said it patched as many as 296 flaws across its enormous line of enterprise software.
Software giant Microsoft has revealed that hackers, at the beginning of the year, managed to access customers’ web-based email accounts for three months. The company added that unknown hackers hit the accounts of various Microsoft email services between January 1 and March 28.
This week, SAP released 6 Security Notes as part of its April 2019 Security Patch Day, including two that highlight high severity vulnerabilities in Crystal Reports and NetWeaver.
Intel, on the other hand, has released security updates highlighting two high-severity flaws in its Intel Media Software Development Kit (SDK) and Intel NUC mini PC.
Juniper Networks has released an update after discovering hardcoded credentials had been left in some of its datacenter switches.
Designated CVE-2019-0034, the exposed login was found in the Junos Network Agent, a software tool used to manage sensors and other devices that monitor network performance. Precisely, hardcoded credentials were found in Google gRPC, a component used with the Junos Telemetry Interface.
Yahoo!, the search engine and web services giant, is set to pay $117.5m in an effort to settle a data breach issue out of court, according to reports.
The California-based company suffered a string of breaches between 2013 and 2016, with the earliest attack affecting every single customer account totaling 3 billion users.
Microsoft has patched upwards of 70 flaws in April 2019, as well as two Windows zero-day vulnerabilities that let an attacker escalate privileges on a bargained system.
Attackers are actively exploiting a recently repaired SQL injection fault impacting the popular open-source e-commerce platform Magento. Therefore, if you haven’t executed the provided security update or patch, you can do it now.
Israeli newspaper Haaretz has reported that just a few days ahead of Knesset election, a group of hackers has claimed to have stolen 6 million Israeli voters’ data on April 6, after effectively compromising the voting system’s registry.