Security Bytes: Cisco and Metasploit fix flaws
Cisco patches CS-MARS flaws and Metasploit creator H.D. Moore warns of a serious Internet Explorer flaw
Attackers could exploit several security holes in Cisco's Security Monitoring, Analysis and Response System (CS-MARS) to take complete control of an affected system or gain knowledge of sensitive information. A fixed version of the program is now available.
The San Jose, Calif.-based networking giant said in an advisory that version 4.2.1 of CS-MARS -- a security system that receives and analyzes event logs from various network devices and reports any security issues -- fixes the following problems:
From forensic cyber to encryption: InfoSec17
Security technologist Bruce Schneier’s insights and warnings around the regulation of IoT security and forensic cyber psychologist Mary Aiken’s comments around the tensions between encryption and state security were the top highlights of the keynote presentations at Infosecurity Europe 2017 in London.
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.
Metasploit creator warns of serious IE flaw
Metasploit Framework creator H.D. Moore has outlined a serious vulnerability in Microsoft Internet Explorer (IE) as part of his Month of Browser Bugs campaign.
Moore has been posting at least one new browser flaw a day in his Browser Fun blog as part of the effort, which he has said will continue through the month of July. One of the latest postings for IE caught the attention of the French Security Incident Response Team (FrSIRT), which labeled the flaw critical in an advisory.
Remote attackers could exploit the flaw to crash a vulnerable browser or potentially take complete control of an affected system, FrSIRT warned. "This flaw is due to an integer overflow error in the Common Controls library 'comctl32.dll' when processing a 'WebViewFolderIcon' object with a specially crafted 'setSlice()' method, which could be exploited by attackers to cause a denial of service or execute arbitrary commands by convincing a user to visit a specially crafted Web page," FrSIRT said.
Cisco may get more unwanted attention at Black Hat
Last year's Black Hat Briefings conference in Las Vegas was dominated by the controversy caused by researcher Michael Lynn's demonstration of a Cisco router exploit. Lynn isn't scheduled as a presenter at this year's Black Hat proceedings, which take place Aug. 2 and 3, but Cisco's products may be under the microscope again.
Fifteen new exploits will be detailed at this year's conference and two of them target NAC (Network Admission Control) and VoIP vulnerabilities in products from Cisco and other vendors. Black Hat Director Jeff Moss told the IDG News Service that vulnerability researchers are shifting focus from Windows flaws to other areas like NAC and VoIP.
Black Hat and Cisco settled a lawsuit over the Lynn affair after conference organizers promised not to proliferate Lynn's findings. The IDG News Service noted that a Cisco lawsuit regarding any potential disclosures at the upcoming conference is unlikely because the exploits are related to underlying technologies used in many products, not just those produced by Cisco.
Read more on IT risk management
-
Why businesses must think like criminals to protect their data
-
Security Think Tank: Use awareness, education and controls to halt cryptojacking
-
Security Think Tank: Awareness is a good starting point to counter fileless malware
-
Security Think Tank: Human, procedural and technical response to fileless malware
Start the conversation
0 comments