• Cisco Adaptive Security DOS


    Overview: A recently discovered vulnerability in the Session Initiation Protocol (SIP) inspection engine associated with Cisco Adaptive Security Appliance (ASA) software and Cisco Firepower Threat Defense (FTD) software can allow an unauthenticated, remote attacker to cause an affected device to reload or trigger high CPU utilization, resulting in a denial of service (DoS) incident. Threat […]

  • BLEEDINGBIT


    Overview: Two vulnerabilities, dubbed “BLEEDINGBIT”, have been discovered in Bluetooth chips found in access points manufactured by Cisco, Meraki, and Aruba that provide WiFi service in enterprises. Successful exploitation of these vulnerabilities allows unauthenticated attackers to take control of the devices. Threat Intelligence: The Masergy Threat Intelligence Team is not aware of any exploitation […]

  • Apache Struts RCE


    Overview: A vulnerability has been discovered in Apache Struts, which could allow for remote code execution. Apache Struts is an open-source MVC framework for creating Java web applications. Successfully exploiting this vulnerability could allow for remote code execution in the context of the affected application. Threat Intelligence: The Masergy Threat Intelligence Team is aware of […]

  • Drupal Core Remote Code Execution


    Overview: A vulnerability has been discovered within multiple subsystems of Drupal 7.x and 8.x. Drupal is a free and open source content management framework. Successful exploitation of this vulnerability could allow for remote code execution in the context of the affected application. Depending on the privileges associated with the application, an attacker could install programs; […]

  • Cisco Adaptive Security Appliance Remote Code Execution


    What some observers have labeled the “perfect bug” is raising concern in the security community. A bug in Cisco VPN programming has created a significant vulnerability that impacts two product sets. It has received the highest severity rating with a 10 out of 10 score and can lead to a denial-of-service attack from unauthenticated and remote users. Software patches have been released and the threat experts at Masergy are closely monitoring the situation. The breakdown below summarizes what is known thus far, and we will continue to provide updates as more information and analysis become available.

  • Meltdown/Spectre


    Overview: Vulnerabilities in speculative execution, branch prediction, and application isolation that lead to sensitive information disclosure and affect almost all modern processors have recently been disclosed. Speculative execution and branch prediction are processes designed to increase the performance of processors by performing anticipatory calculations that may not be needed to complete a process. Application isolation […]

  • ROBOT Attack


    Overview: A vulnerability in the RSA cryptography used by TLS implementations has recently been disclosed. Transport Layer Security (TLS) is a mechanism for secure transport over network connections. The ROBOT Attack is based on a 19-year-old vulnerability discovered by Daniel Bleichenbacher that allows an attacker to decrypt arbitrary ciphertext without access to the RSA […]

  • KRACK – Key Reinstallation Attacks – WPA2 Vulnerabilities


    A weakness affecting almost all implementations of the Wi-Fi Protected Access 2 (WPA2) protocol has recently been disclosed. An attacker within range of an access point or client may be able to use KRACK (Key Reinstallation Attack) to decrypt packets, inject HTTP content, hijack TCP connections, and perform out-of-sequence reception and retransmission once a Man-in-the-Middle session is established.

  • Blueborne Security Bulletin


    Armis Labs has disclosed a vulnerability that affects nearly all systems using Bluetooth. "BlueBorne" does not require a system to be connected to a network, nor does it require any action by an end user, and it can spread to devices with Bluetooth enabled. This allows an attacker to connect to a Bluetooth-enabled device without actively pairing and upload malware or establish a man-in-the-middle connection without the user's knowledge.

  • SMBLoris Exploit


    A flaw in the way SMB handles memory allocation, which can be exploited with an attack coined SMBLoris, was disclosed at DefCon this past weekend. SMBLoris is exploitable through the use of a single, low-bandwidth machine opening several low-cost SMB connections to a server that does not limit the number of connections from […]
