Remove 2020 Remove IT Remove Passwords Remove Systems administration
article thumbnail

Cisco fixes a static default credential issue in Smart Software Manager tool

Security Affairs

One of the flaws patched the IT giant is a critical issue, tracked as CVE-2020-3158 , while six vulnerabilities are rated as high-risk severity. The CVE-2020-3158 flaw is related to the presence of a system account that has a default and static password in the Smart Software Manager tool.

article thumbnail

FBI’s alert warns about using Windows 7 and TeamViewer

Security Affairs

The FBI is warning companies about the use of out-of-date Windows 7 systems, desktop sharing software TeamViewer, and weak account passwords. “TeamViewer’s legitimate use, however, makes anomalous activity less suspicious to end users and system administrators compared to typical RATs.”

Passwords 141
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

List of data breaches and cyber attacks in February 2020 – 623 million records breached

IT Governance

Unfortunately, the number of breached records doesn’t tell the full story, as there were a whopping 105 incidents – making February 2020 the second leakiest month we’ve ever recorded. The US Defence Information Systems Administration discloses 2019 cyber attack (unknown). You can check out the full list below. Ransomware.

article thumbnail

China-linked threat actors have breached telcos and network service providers

Security Affairs

After identifying a critical Remote Authentication Dial-In User Service (RADIUS) server, the cyber actors gained credentials to access the underlying Structured Query Language (SQL) database [ T1078 ] and utilized SQL commands to dump the credentials [ T1555 ], which contained both cleartext and hashed passwords for user and administrative accounts.”

article thumbnail

Threat actors are attempting to exploit recently fixed F5 BIG-IP flaw

Security Affairs

F5 Networks has recently addressed a critical remote code execution (RCE) vulnerability, tracked as CVE-2020-5902, that resides in undisclosed pages of Traffic Management User Interface (TMUI) of the BIG-IP product. The CVE-2020-5902 vulnerability received a CVSS score of 10, this means that is quite easy to exploit.

article thumbnail

Dissecting the malicious arsenal of the Makop ransomware gang

Security Affairs

Makop gang did not conduct any significative retooling since 2020, which is a clear indicator of their effectiveness even after three years and hundreds of successful compromises. The gang leverages exposed remote administration services and internet-facing vulnerabilities to gain and maintain access to victim networks.

article thumbnail

US govt agencies share details of the China-linked espionage malware Taidoor

Security Affairs

NSCS @cse_cst @CISAgov @FBI [link] — @U.S.CyberCommand (@US_CYBERCOM) August 3, 2020. The CISA agency provides recommendations for system administrators and owners to enhance the level of security of their organizations: Maintain up-to-date antivirus signatures and engines. Keep operating system patches up-to-date.