TTCSIRT-350.09.03.20: TT-CSIRT ADVISORY – Ransomware families LockBit, Maze headline ransomware
Cisco Talos Incident Response (CTIR) observed ransomware dominating the threat landscape over the past quarter, according to a new report. Infections involved a wide variety of malware families including LockBit…
Read MoreTTCSIRT-349.09.03.20: TT-CSIRT ADVISORY – Emotet new delivery using a new Word lure document
The Emotet botnet continues to evolve, and now uses a Microsoft Word template to spread its malware. Known as “Red Dawn,” the new infection method involves the user downloading a…
Read MoreTTCSIRT-348.08.31.20: TT-CSIRT ADVISORY – Cisco’s active IOS XR zero-day exploit
Cisco warns of a new zero-day vulnerability impacting the Internetwork Operating System (IOS) that ships with its networking equipment. The vulnerability, tracked as CVE-2020-3566, impacts the Distance Vector Multicast Routing…
Read MoreTTCSIRT-347.08.28.20: TT-CSIRT ADVISORY – Atutor SQL Injection
An SQL injection vulnerability exists in ATutor. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system. This module exploits a…
Read MoreTTCSIRT-346.08.28.20: TT-CSIRT ADVISORY – Cisco Critical Flaw Patched in WAN Software Solution
Cisco has issued a fix for a critical flaw in its Virtual Wide Area Application Services (vWAAS), software for optimizing WAN on virtual private cloud infrastructure. The flaw (CVE-2020-3446), which…
Read MoreTTCSIRT-345.08.28.20: TT-CSIRT ADVISORY -VMware ESXi, vCenter Server, and Cloud Foundation denial of services
A vulnerability was found in VMware ESXi and vCenter Server (Server Management Software) (the affected version is unknown). It has been declared as problematic. This vulnerability affects some unknown functionality…
Read More