Security
Headlines
HeadlinesLatestCVEs

Source

DARKReading

4 Flaws, Other Weaknesses Undermine Cisco ASA Firewalls

More than 1 million instances of firewalls running Cisco Adaptive Security Appliance (ASA) software have four vulnerabilities that undermine its security, a researcher finds.

DARKReading
#vulnerability#web#mac#linux#cisco#git#java#rce#auth#ssl
New Cross-Industry Group Launches Open Cybersecurity Framework

Eighteen companies, led by Amazon and Splunk, announced the OCSF framework to provide a standard way for sharing threat detection telemetry among different monitoring tools and applications.

Cisco Confirms Data Breach, Hacked Files Leaked

Ransomware gang gained access to the company's VPN in May by convincing an employee to accept a multifactor authentication (MFA) push notification.

The Time Is Now for IoT Security Standards

Industry standards would provide predictable and understandable IoT security frameworks.

New Open Source Tools Launched for Adversary Simulation

The new open source tools are designed to help defense, identity and access management, and security operations center teams discover vulnerable network shares.

New HTTP Request Smuggling Attacks Target Web Browsers

Threat actors can abuse weaknesses in HTTP request handling to launch damaging browser-based attacks on website users, researcher says.

Multiple Vulnerabilities Discovered in Device42 Asset Management Appliance

Four serious security issues on the popular appliance could be exploited by hackers with any level of access within the host network, Bitdefender researchers say.

Many ZTNA, MFA Tools Offer Little Protection Against Cookie Session Hijacking Attacks

Many of the technologies and services that organizations are using to isolate Internet traffic from the internal network lack session validation mechanisms, security startup says.

Rethinking Software in the Organizational Hierarchy

Least privilege is a good defense normally applied only to users. What if we limited apps' access to other apps and network resources based on their roles and responsibilities?