Category

Security Alert

Cisco Backdoor Account & Other Critical Vulnerabilities

Hello, Very recently Cisco announced 3 “critical risk” and numerous other “high risk” vulnerabilities. One of those vulnerabilities affect IOS XE devices which come with a default pre-configured privileged account which if known could grant easy access to the device by an attacker. Some sources say that this made its way by mistake from testing...
Read More

Security Alert: Processors Meltdown!

Hello, Recently multiple disclosed security vulnerabilities took the Internet by storm. Dubbed “Meldown” and “Spectre”, those vulnerabilities seem to affect numerous systems and processors including Intel, AMD, ARM; thus it has the potential to affect PCs, servers, networking equipment, mobile devices and even cloud. An attacker can exploit those vulnerabilities by running a special code...
Read More

Wifi is no Longer Secure – WPA2 got KRACKed !

On October 16, 2017, Mathy Vanhoef and Frank Piessens of imec-DistriNet published a paper detailing their discovery of security weaknesses in WPA2. WPA2 (Wi-Fi Protected Access II) is a widely used security protocol developed by the Wi-Fi Alliance for the purpose of  encrypting and securing the traffic on Wi-fi connections between the Wi-fi router and endpoints. WPA2...
Read More

Security Alert: Cisco ASA SNMP Remote Code Execution Vulnerability (CVE-2016-6366)

Hello, Very recently, a new security vulnerability affecting Cisco ASA & Firepower was discovered. Below are the short details: Background: A vulnerability in the Simple Network Management Protocol (SNMP) code of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely execute...
Read More

Locky Ransomware

What is a Ransomware? A ransomware is a malicious program that denies the user access to their own files by hiding/scrambling the files and/or encrypting them with strong encryption algorithms. Then, it forces the victim to pay a ransom through online payment – usually bitcoin – in order to regain access to their data. This...
Read More

“Leap Second”: Witness the 61-seconds Minute on June 30th 2015

End of June 2015 (precisely on June 30th, 2015 at 23:59:59 UTC) an additional -Leap- second (23:59:60) will be added to UTC time thus affecting clock time around the world and everything else that comes with it. If you are an IT personnel, you should check the impact of this event on your network by reading...
Read More

Logjam Security Vulnerability (CVE-2015-4000)

Following the continuous revealing of security vulnerabilities with the most unimaginable names such as “Shellshock” (CVE-2014-6271 and CVE-2014-7169), “POODLE” (CVE-2014-3566), “POODLE 2.0” (CVE-2014-8730) and “GHOST” (CVE-2015-0235) affecting SSL, TLS and other widely-used security protocols, it was just a matter of time until the curtain rolled revealing the latest security vulnerability this time affecting Diffie-Hellman algorithm for...
Read More