Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Network Server. Show all posts
Network Server
CISO CISO best practices Cyber Security Cyberattacks. Network Safety Network Security Network Server

Cisco Warns of Actively Exploited SD-WAN Vulnerabilities Affecting Catalyst Network Systems

 

Cisco warns of several security holes in its Catalyst SD-WAN Manager, noting hackers have begun using at least one in live operations. Updates exist - applying them quickly reduces risk exposure. Exploitation is underway; delayed patching increases danger. Systems remain vulnerable until fixes take effect. Each unpatched flaw offers attackers a potential entry point. Action now limits future compromise chances. 

Catalyst SD-WAN Manager - once called vManage - serves organizations that need oversight of extensive networks, letting them manage many devices from one location. Because it plays a key part in keeping connections running, flaws within the system can lead to serious problems when updates are delayed. Cisco reports active exploitation of two flaws, labeled CVE-2026-20122 and CVE-2026-20128. 

While one poses a higher risk by letting those with basic API access overwrite critical files, the other leaks confidential information when insiders already have login rights. Though differing in impact level, both demand attention due to ongoing attacks. Access restrictions alone do not fully block either pathway. One alters content without permission; the other quietly reveals what should remain hidden. 

Regardless of how devices are set up, Cisco confirmed the flaws affect the software across the board - leaving any system without updates at risk. Though there is no current evidence of exploitation for the additional bugs listed, moving to protected releases remains advised simply because it limits exposure. 

Despite earlier assurances, Cisco now admits CVE-2026-20127 has seen active exploitation beginning in 2023. Though complex, the flaw makes it possible for experienced hackers to skip authentication steps on network controllers. Unauthorized entry leads to insertion of untrusted devices within protected systems. 

What was once theoretical is now observed in real attacks. Appearing trustworthy at first glance, these unauthorized devices let intruders spread across systems, gain higher access levels, while staying hidden for long periods. Growing complexity and frequency now worry security experts worldwide. Authorities including the Cybersecurity and Infrastructure Security Agency (CISA) have responded by issuing directives requiring organizations, particularly federal agencies, to identify affected systems, collect forensic data, apply patches, and investigate potential compromises linked to these vulnerabilities. 

One step further, Cisco revealed two additional high-risk weaknesses in its Secure Firewall Management Center. Labeled CVE-2026-20079 along with CVE-2026-20131, they involve a flaw allowing login circumvention and another enabling remote command execution. When triggered, hackers might reach root privileges on compromised devices while running harmful scripts from afar - no credentials needed. 

Though rare, such access opens deep control paths across networks. When flaws carry serious risks, acting fast matters most. Those running Cisco’s network control systems should update quickly - while checking logs closely. Exploits already in motion mean delays increase exposure. Watching traffic patterns might reveal breaches hidden before now. 

Facing ever-changing digital dangers, events such as these underline why staying ahead of weaknesses matters - especially when reacting quickly to warnings. A slow reaction can widen risk, while early action reduces harm before it spreads.
Read more »
Virtual Private Network
Cyber Security Data Privacy Network Server Online Security Virtual Private Network

Everything You Need To Know About VPN

 


In an era where our daily lives intertwine with the digital world, the internet becomes both a companion and a potential threat, understanding the role of Virtual Private Networks (VPNs) is key to safeguarding your online experience. Whether you're working remotely, enjoying a coffee shop's Wi-Fi, or travelling, a VPN functions as a dependable safeguard against potential security risks.


What is a VPN? 

A VPN, or Virtual Private Network, is your online security guard. Its purpose is to create a secure, private tunnel over the internet, encrypting your data and protecting it from prying eyes. This extra layer of security is especially crucial given the internet's initial design prioritising data transfer reliability over privacy.


How does it work? 

Imagine your computer wanting to visit a website like ZDNET. Instead of sending unprotected data, a VPN encrypts it and sends it through a secure tunnel to a VPN server. This server then decrypts the information, establishing a safe connection between your device and the destination, ensuring your data remains confidential.

There are two main types of VPNs. Corporate VPNs connect private networks within the same organisation over the internet, securing data transmission. Consumer VPNs, offered as a service, protect your data transmission to the provider's data centre, enhancing security, especially on public Wi-Fi.


When should you use a VPN? 

Whenever you're away from your secure home or office network and using public Wi-Fi, a VPN is your go-to. It adds an extra layer of protection against potential snoopers on open networks, especially when accessing services with personal information.

Choosing the right VPN service matters. While free VPNs exist, they often come with privacy risks. Some are even set up by malicious entities to harvest personal data. Opting for a reputable paid VPN service is a safer choice.

However, a VPN does not serve as an infallible solution for privacy. While it secures your connection, it does not have the capability to prevent websites from tracking your activities. Users are advised to maintain vigilance regarding potential privacy infringements that may extend beyond the scope of the VPN.


Concerned about your computer slowing down? 

Advancements in CPU performance have effectively mitigated the impact of data encryption and decryption processes. However, network performance remains susceptible to the quality of public Wi-Fi and the geographical location of the VPN server. 

Certain VPN services may impose limitations on usage, such as data caps or speed restrictions. These restrictions are often associated with free services. Therefore, opting for a dependable paid service that aligns with your specific requirements becomes imperative.

In the domain of online security, VPNs play a pivotal role. Whether safeguarding sensitive work data or ensuring privacy on public networks, a comprehensive understanding of VPN fundamentals empowers users to traverse the internet securely. It is advised to make informed choices, stay updated, and consider your VPN as a reliable tool for online protection.


Read more »
User Security
attackers attacks Cyber Security Fine Hackers Network Server Security Sensitive data Technology Business Telco User Data User Privacy User Security

Telco Penalized €9 Million for Obscuring Cyberattack Impact from Customers

 

The Greek data protection authority imposed a fine on COSMOTE of 5,850,000 EUR ($6.55 million) and OTE was fined 3,250,000 EUR ($3.65 million) for exposing sensitive customer data due to a cyberattack. 

COSMOTE violated at least eight articles of the GDPR, according to the agency, including its responsibility to inform impacted customers of the full consequences of the incident. 

COSMOTE and OTE (Hellenic Telecommunications Organization) are both parts of the OTE Group, Greece's largest technological business, which provides fixed and mobile telephony, broadband, and network communication services. 

COSMOTE launched an internal investigation in 2020 and discovered that a hacker utilized LinkedIn to social engineer one of its employees and then used brute-forcing techniques to obtain the target's account credentials. According to the investigation's results, the attacker repeatedly utilized a Lithuanian IP address to access one of OTE's servers. On five consecutive occasions, the threat actor used the account credentials to extract database files and the data that was stolen and was 48GB in size. 

COSMOTE keeps call details on its servers for 90 days for service quality assurance and further 12 months for statistical analysis that aids in targeted service enhancement. The anonymization process wasn't done effectively, and the data holding periods weren't fully adhered to, as the data protection authority investigation discovered. 

The compromised server included sensitive subscriber information and call data for the dates September 1, 2020, to September 5, 2020. 

The following are some of the details that have been revealed: 
• Rough positional data of 4,792,869 unique COSMOTE subscribers. 
• Age, gender, plan, and ARPU of 4,239,213 unique COSMOTE subscribers. 
• MSISDN/CLI of 6,939,656 users of other telecommunication providers who communicated with customers of COSMOTE. 
• MSISDN, IMEI, IMSI, and connected tower position for 281,403 roaming subscribers of COSMOTE. 

In some circumstances, the above data could be utilised for highly targeted social engineering, phishing, and even extortion. Nonetheless, for targeted subscribers who may be high-interest personalities, the consequences of the hacking attack could be substantial.
Read more »
Subscribe to: Comments (Atom)