Just a day after Cisco disclosed CVE-2023-20198, it remains unpatched, and one vendor says a Shodan scan shows at least 10,000 Cisco devices with an implant for arbitrary code execution on them. The vendor meanwhile has updated the advisory with more mitigation steps.
| | | LATEST SECURITY NEWS & COMMENTARY | | Zero-Day Alert: 10K Cisco IOS XE Systems Now Compromised Just a day after Cisco disclosed CVE-2023-20198, it remains unpatched, and one vendor says a Shodan scan shows at least 10,000 Cisco devices with an implant for arbitrary code execution on them. The vendor meanwhile has updated the advisory with more mitigation steps. Watch Out: Attackers Are Hiding Malware in 'Browser Updates' Updating your browser when prompted is a good practice, just make sure the notification comes from the vendor themselves. Amazon Quietly Wades Into the Passkey Waters The move by the e-commerce kahuna to offer advanced authentication to its 300+ million users has the potential to move the needle on the technology's adoption, security experts say. UAE, US Partner to Bolster Financial Services Cybersecurity The two countries agree to share financial services information and provide cross-border training and best practices. Chatbot Offers Roadmap for How to Conduct a Bio Weapons Attack Once ethics guardrails are breached, generative AI and LLMs could become nearly unlimited in its capacity to enable evil acts, researchers warn. 'Etherhiding' Blockchain Technique Masks Malicious Code in WordPress Sites The ClearFake campaign uses fake browser updates to lure victims and spread RedLine, Amadey, and Lumma stealers. Top 6 Mistakes in Incident Response Tabletop Exercises Avoid these errors to get the greatest value from your incident response training sessions. (Sponsored Article) 3 Essential Steps to Strengthen SaaS Security SaaS security is broad, possibly confusing, but undeniably crucial. Make sure you have the basics in place: discovery, risk assessment, and user access management. MORE NEWS / MORE COMMENTARY | | |
|
Dark Reading Daily
-- Published By Dark Reading
Informa Tech Holdings LLC | Registered in the United States
with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA
| | To opt-out of any future Dark Reading Daily Newsletter emails, please respond here. | | Thoughts about this newsletter? Give us feedback. |
Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: | | If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. | | We take your privacy very seriously. Please review our Privacy Statement. |
|
| |
