Patches

‘Distributed guessing’ attack lets hackers verify Visa card details

Armed with a card number, researchers tricked websites into helping them guess the expiry date and CVV.

GandCrab attackers exploit recently patched Confluence vulnerability

If your company uses Confluence, make sure you have the latest available patches for this vulnerability.

Cisco warns WLAN controller, 9000 series router and IOS/XE users to patch urgent security holes

Cisco says unpatched vulnerabilities could lead to DoS attacks, arbitrary code execution, take-over of devices.

Cisco Talos details exceptionally dangerous DNS hijacking attack

Cisco Talos says state-sponsored attackers are battering DNS to gain access to sensitive networks and systems.

Sophos, Avast warn of Windows machines failing to boot after latest Microsoft patch

Antivirus makers Sophos and Avast are warning users that installing a recent Windows update may cause their PCs to lock up or fail to boot.

Homeland Security warns on VPN security bug in Cisco, Palo Alto, F5, Pulse software

VPN packages from Cisco, Palo Alto, F5 and Pusle may improperly secure tokens and cookies, allowing nefarious actors an opening to invade and take control over an end user’s system.

Critical Magento SQL injection flaw could be targeted by hackers soon

Popular e-commerce platform Magento has released security patches to fix the flaw. Researchers say update now.

Cisco RV320 and RV325 online management interface remains open to attacks

Cisco customers using Small Business RV320 and RV325 who updated the online management interface for the dual gigabit WAN VPN routers in January will need to update it again.

Cisco warns of two security patches that don’t work, issues 17 new ones for IOS flaws

Cisco is issuing 17 new fixes for security problems with IOS and IOS/XE software that runs most of its routers and switches, while it has no patch yet to replace flawed patches to RV320 and RV 325 routers.

Cisco directs high priority patches for IP phone security exposures

Cisco this week advised customers using its 7800 and 8800 series IP phones they should patch a variety of “high” priority vulnerabilities that could lead to denial of service and other security problems.

Cisco uncorks 26 security patches for switches, firewalls

Cisco is patching holes in software for Nexus 3000, 3500, 7000, 9000 switches and for Firepower 4100 Series next-generation firewall and Firepower 9300 security appliance.

Cisco warns a critical patch is needed for a remote access firewall, VPN and router

Cisco is warning organizations with remote users using a particular wireless firewall, VPN and router to patch a critical vulnerability in each that could let attackers break into the network.