Stories
Slash Boxes
Comments

SoylentNews is people

Hackers Actively Exploit High-Severity Networking Vulnerabilities

posted by Fnord666 on Saturday July 25 2020, @09:55PM   Printer-friendly
from the keep-up-with-your-patches dept.

upstart writes in with an IRC submission for carny:

Hackers actively exploit high-severity networking vulnerabilities:

Hackers are actively exploiting two unrelated high-severity vulnerabilities that allow unauthenticated access or even a complete takeover of networks run by Fortune 500 companies and government organizations.

The most serious exploits are targeting a critical vulnerability in F5's Big-IP advanced delivery controler, a device that's typically placed between a perimeter firewall and a Web application to handle load balancing and other tasks. The vulnerability, which F5 patched three weeks ago, allows unauthenticated attackers to remotely run commands or code of their choice. Attackers can then use their control of the device to hijack the internal network it's connected to.

[...] Attackers are exploiting a second vulnerability found in two network products sold by Cisco. Tracked as CVE-2020-3452, the path traversal flaw resides in the company's Adaptive Security Appliance and Firepower Threat Defense systems. It allows unauthenticated people to remotely view sensitive files that among other things can disclose WebVPN configurations, bookmarks, web cookies, partial web content, and HTTP URLs. Cisco issued a patch on Wednesday. A day later, it updated its advisory.

[...] The impact of these vulnerabilities—particularly the one affecting F5 customers—is serious. These in-the-wild attacks provide ample reason to occupy the weekend of any IT administrators who have yet to patch their vulnerable systems.

Original Submission

 
This discussion has been archived. No new comments can be posted.
Hackers Actively Exploit High-Severity Networking Vulnerabilities | Log In/Create an Account | Top | 31 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2) by Subsentient on Sunday July 26 2020, @05:57AM (1 child)

    by Subsentient (1111) on Sunday July 26 2020, @05:57AM (#1026473) Homepage Journal

    I watched it too. I like that kind of warped humor. I think the world needs more, not less, of that kind of humor, and people need to stop being so easily offended.

    I dream of a world where two old friends spot each other across an aisle in a walmart, and the first one yells "Get over here you fucking nigger faggot!", the second one breaks out in laughter and says "good to see you, you goddamn honkey retard!"

    The real obstacle to that world, however, is the genuine racists. It's hard to think it's in good spirits when there are so many who don't mean it in good spirits.
    That has to change. I want to see such words become funny, classless insults among friends, defanged of most of their hatred and used in a spirit of fun and nuisance.

    --
    "It is no measure of health to be well adjusted to a profoundly sick society." -Jiddu Krishnamurti
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  
    Total Score:   2  

  • (Score: 2) by Booga1 on Sunday July 26 2020, @08:17AM

    by Booga1 (6333) on Sunday July 26 2020, @08:17AM (#1026494)

    Sure, but it doesn't deserve anything less than a spam mod when it's posted a dozen times on a story about network equipment vulnerabilities.