Defense

Unit 42 Campaigns Mar 12

Suspected China-Based Espionage Operation Against Military Targets in Southeast Asia

An espionage operation demonstrated strategic operational patience against targets in Southeast Asia, deploying custom backdoors. The post Suspected China-Ba...

Unit 42 →

WeLiveSecurity General Mar 12

Cyber fallout from the Iran war: What to have on your radar

The cybersecurity implications of the war in the Middle East extend far beyond the region. Here’s where to focus your defenses.

WeLiveSecurity →

Tenable Blog Campaigns Tenable Intel Mar 11

Cyber Retaliation: Analyzing Iranian Cyber Activity Following Operation Epic Fury

In the wake of Operation Epic Fury, digital attacks have shifted from quiet espionage to a loud, coordinated campaign of economic and physical retaliation. I...

Tenable Blog →

Infosecurity Magazine General Intel SAP Mar 10

Russian Hackers Target WhatsApp and Signal Accounts of Global Military and Government Officials

Dutch intelligence reveals Russian state hackers are trying to hijack the Signal and WhatsApp accounts of key targets

Infosecurity Magazine →

Infosecurity Magazine General Mar 9

Trump Administration Unveils New Cyber Strategy for America

US national cyber strategy focuses on stronger defenses, countering threats, fostering innovation

Infosecurity Magazine →

Cloudflare Blog Vulnerability Disclosure Amazon Cloudflare Mar 9

Active defense: introducing a stateful vulnerability scanner for APIs

Cloudflare’s new Web and API Vulnerability Scanner helps teams proactively find logic flaws. By using AI to build API call graphs, we identify vulnerabilitie...

Cloudflare Blog →

Graham Cluley Zero-Day Mar 5

Smashing Security podcast #457: How a cybersecurity boss framed his own employee

When a top cybersecurity firm discovered it had a leak, you would expect the FBI to be called. Instead, the person put in charge of the investigation was the...

Graham Cluley →

Cisco Advisories Vulnerability Disclosure Cisco Mar 5

Cisco Adaptive Security Appliance and Firepower Threat Defense Software Command Injection Vulnerability

A vulnerability in the Cisco Adaptive Security Appliance (ASA) restore functionality that is available in Cisco ASA Software and Cisco Firepower Threat Defen...

T1059 T1598

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Cisco Mar 5

Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software IPsec Denial of Service Vulnerability

A vulnerability in the processing of Galois/Counter Mode (GCM)-encrypted Internet Key Exchange version 2 (IKEv2) IPsec traffic of Cisco Secure Firewall Adapt...

T1498

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Cisco Mar 5

Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software VPN Web Server Denial of Service Vulnerability

A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Soft...

T1498

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Cisco Mar 5

Cisco Secure Firewall Management Center and Secure Firewall Threat Defense Software Path Traversal Vulnerability

A vulnerability in the sftunnel functionality of Cisco Secure Firewall Management Center (FMC) Software and Cisco Secure Firewall Threat Defense (FTD) Softwa...

Cisco Advisories →

Cisco Advisories Advisory Cisco Mar 5

Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerabilities

Multiple vulnerabilities in the Internet Key Exchange Version 2 (IKEv2) feature of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco...

T1498

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Cisco Mar 5

Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Access Control List Bypass Vulnerability

A vulnerability in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an un...

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Cisco Mar 5

Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software SAML Reflected Cross-Site Scripting Vulnerability

A vulnerability in the SAML 2.0 single sign-on (SSO) feature of Cisco Secure Firewall ASA Software and Cisco Secure Firewall Threat Defense (FTD) Software co...

Cisco Advisories →

Cisco Advisories Advisory Cisco Mar 5

Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software OSPF Protocol Vulnerabilities

Multiple vulnerabilities in the OSPF feature of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FT...

T1498

Cisco Advisories →

Cisco Advisories Advisory Cisco Mar 5

Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Authenticated Command Injection Vulnerabilities

Multiple vulnerabilities in the CLI feature of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD...

T1059 T1498

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Cisco Mar 5

Cisco Secure Firewall Threat Defense Software SSL Decryption Policy Denial of Service Vulnerability

A vulnerability in the Do Not Decrypt exclusion feature of the SSL decryption feature of Cisco Secure Firewall Threat Defense (FTD) Software could allow an u...

T1498

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Cisco Mar 5

Cisco Secure Firewall Threat Defense Software Snort Deep Inspection Bypass Vulnerability

A vulnerability in the Snort 2 and Snort 3 deep packet inspection of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remo...

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Cisco Mar 5

Cisco Secure Firewall Threat Defense Software Snort 3 SSL Memory Management Denial of Service Vulnerability

A vulnerability in the memory management handling for the Snort 3 Detection Engine of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unau...

T1498

Cisco Advisories →

Cisco Advisories Vulnerability Disclosure Cisco Mar 5

Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Lua Code Injection Vulnerability

A vulnerability in a small subset of CLI commands that are used on Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall...

T1598

Cisco Advisories →