Site Archives
Multiple Cisco Vulnerabilities
GSA Reference Number: AD090925-01
Simply Put: Cisco has announced eleven new vulnerabilities in multiple Cisco products. Nine of the vulnerabilities affect Cisco’s IOS – the operating system for many Cisco devices. Cisco IOS is present on Cisco routers and switches. Two more vulnerabilities affect Unified Communications Manager. The vulnerabilities cover denial of service and authentication bypass on IOS, as well as denial of service and remote code execution on Unified Communications Manager. Many of these vulnerabilities are considered Critical by Gladiator, since a denial of service on a router would result in loss of Internet access. Note: Cisco Firewalls do not run Cisco IOS and are not vulnerable to these issues.
Malware Basics – Part 2
Part 1 – Recognizing an Infection
Part 2 – Incident Response Plans and Procedures
In the first part of our Gladiator guide on Malware Basics, we discussed different methods of determining whether a device or network has a malware infection. Having discussed how to find these malicious infections, we will now review what to do when your phone begins ringing off the hook with users claiming that “the Internet is slow,” or that their workstations are exhibiting signs of a malware infection. Administrators’ questions at that point usually include, “Where do we go from here? Whom do we notify and what actions need to be performed to ‘clean up’ the device?” The answer to all of these questions should be documented in a formal Malware Incident Response Plan.
Cisco TCP Denial of Service Vulnerability in Multiple Cisco Products
GSA Reference Number: AD090909-01
Simply Put: Cisco has announced a new vulnerability in multiple Cisco products, including Cisco ASA and PIX appliances and routers. The vulnerability covers a resource exhaustion issue with TCP connections, which causes a denial of service. Some devices may need to be rebooted to fully recover. This vulnerability is considered Critical by Gladiator. We will be reviewing all CoreDEFENSE-monitored Cisco ASA and PIX devices for susceptibility.
September Microsoft Patch Tuesday
Microsoft has announced five new patches for its monthly patch release cycle. These patches fix multiple vulnerabilities in Microsoft Windows. All five patches are rated Critical, allowing for remote code execution on vulnerable systems. Gladiator recommends that users immediately apply all Critical patches to their systems. Detailed information for the patches can be found in Microsoft’s September Security Bulletin.
Find It Quickly
Find what you're looking for quickly by using our keyword search. Can't find it? Try our links below.
Monthly Archives
Find posts by the month they were written.
- March 2010
- February 2010
- January 2010
- December 2009
- November 2009
- October 2009
- September 2009
- August 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
- February 2009
- January 2009
- December 2008
- November 2008
- October 2008
- September 2008
- July 2008
- May 2008
- April 2008
- March 2008
- January 2008
- December 2007
- November 2007