Reuters - Six central banks to hold digital currency meeting in April: Nikkei
Endgadget - Huawei sues Verizon after patent talks break down
Irony thy name is Huawei
techdirt - Second California Court Tells State AG To Stop Screwing Around And Release Police Misconduct Records
Dark Reading - Department of Energy Adds Attivo Decoys for Critical Infrastructure Security
The US Department of Energy's Office of Technology Transitions (OTT) Technology Commercialization Fund (TCF) and the Pacific Northwest National Laboratory (PNNL) have awarded a contract to Attivo Networks for building out a Deception Defense Platform for Cyber-Physical Systems. The project is designed to improve critical infrastructure cybersecurity capabilities.Cyberscoop- 5 new vulnerabilities expose the 'backbone' of an enterprise network to data theft -
The vulnerabilities, four of which could allow a hacker to deploy their code remotely, are in the Cisco Discovery Protocol (CDP), a popular protocol that allows Cisco devices on the same network to talk to each other. The CDP is a means of separating virtual local area networks within an enterprise. By breaking the protocol, and using a switch as a foothold to other parts of the network, an attacker could gain access to an array of enterprise devices.Maybe I'm wrong but I don't believe this paragraph accurately describes CDP, irregardless there is a write up on the vulnerabilities here and they seem pretty serious, although it appears you have to already have a foothold on the network to exploit them. Patches have been issued by Cisco
No comments:
Post a Comment