Whatever Wednesday
Internet Archive hacked and 31 million user accounts leaked - Tom's Hardware
Hacking group 'SN_Blackmeta' hacked The Internet Archive and leaked 31 Million user account data which includes emails and hashed passwords in an ...
CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Security Patches
MoneyGram announces hack: Customer data such as Social Security numbers, bank ...
Internet Archive hacked, data breach impacts 31 million users - Bleeping Computer
Cybersecurity researcher hopes to curb phishing by more easily identifying misleading URLs
Using customized machine learning and AI, Indiana University professor Jean Camp has created a method to prevent phishing scams that occur from ...
IT Asset Management bridges the gap between remote work and cybersecurity | TechRadar
Exploring today's top rural healthcare cybersecurity challenges - TechTarget
Data breach leaks SSNs of over 230,000 Comcast customers - The Verge
Check Point - Wrong Check Point (CVE-2024-24919)
Gather round, gather round - it’s time for another blogpost tearing open an SSLVPN appliance and laying bare a recent in-the-wild exploited bug. This time, it is Check Point who is the focus of our penetrative gaze....
Backdoor in XZ Utils allows RCE: everything you need to know - CVE-2024-3094
The WebP 0day: CVE-2023-4863
Critical Vulnerability: SysAid CVE-2023-47246
Stay Informed
- Cisco disclosed two critical vulnerabilities (CVE-2023-20198 and CVE-2023-20273) affecting Cisco IOS XE software that could allow attackers to gain full control of affected devices.
- The vulnerabilities affect devices with the HTTP server feature exposed to the internet. Cisco urged customers to disable HTTP on externally facing devices.
- Cisco first detected suspicious activity exploiting CVE-2023-20198 on September 28. Attackers were creating local admin accounts on routers.
- On October 12, Cisco observed more attacks creating local accounts and deploying an implant script to maintain access. The implant allows running arbitrary commands.
- As of October 19, over 40,000 internet-facing Cisco IOS devices were found to have been compromised through the vulnerabilities.
- The attacks are believed to be carried out by the same actor. The threat actor tried to cover their tracks by clearing logs and removing created accounts.
- Cisco scored CVE-2023-20198 a CVSS 10.0 (critical severity) and CVE-2023-20273 a CVSS 7.2 (high severity).
- Per Cisco's latest update, patches for both vulnerabilities are estimated to be released on October 22.
- Cisco and CISA have provided mitigation advice for customers, including disabling HTTP, updating devices, and reporting compromised systems.