TTCSIRT-354.09.03.20: TT-CSIRT ADVISORY – Cisco Enterprise NFV Infrastructure Software File Overwrite Vulnerability
A vulnerability in the REST API of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to overwrite certain files that should be restricted on an affected device.…
Read MoreTTCSIRT-353.09.03.20: TT-CSIRT ADVISORY – Cisco Jabber for Windows Protocol Handler Command Injection
The application protocol handling features of Cisco Jabber for Windows could allow an unauthenticated, remote attacker to execute arbitrary commands. The vulnerability is due to improper handling of input to the…
Read MoreTTCSIRT-352.09.03.20: TT-CSIRT ADVISORY – Cisco Jabber for Windows Message Handling Arbitrary Code Execution
A vulnerability in Cisco Jabber for Windows could allow an authenticated, remote attacker to execute arbitrary code. The vulnerability is due to improper validation of message contents. An attacker could exploit…
Read MoreTTCSIRT-351.09.03.20: TT-CSIRT ADVISORY – Cisco IOS XR Authenticated User Privilege Escalation Vulnerability
A vulnerability exists in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local attacker to execute that command, even though administrative privileges…
Read MoreTTCSIRT-350.09.03.20: TT-CSIRT ADVISORY – Ransomware families LockBit, Maze headline ransomware
Cisco Talos Incident Response (CTIR) observed ransomware dominating the threat landscape over the past quarter, according to a new report. Infections involved a wide variety of malware families including LockBit…
Read MoreTTCSIRT-349.09.03.20: TT-CSIRT ADVISORY – Emotet new delivery using a new Word lure document
The Emotet botnet continues to evolve, and now uses a Microsoft Word template to spread its malware. Known as “Red Dawn,” the new infection method involves the user downloading a…
Read More