US spy chief James Clapper’s personal online accounts have been hacked, his office confirmed Tuesday, a few months after CIA director John Brennan suffered a similar attack. Clapper’s Office of the Director of National Intelligence confirmed the hack but refused to provide details. “We are aware of the matter and we reported it to the Read more about US spy chief’s personal accounts hacked[…]
Someone’s palm is digging a hole into their face at Cisco, which has just admitted it shipped a bunch of servers with the wrong default password. “A number of C-Series servers have shipped to customers with a non-standard default password which prevents access to the Cisco Integrated Management Controller (CIMC) unless the configured password is Read more about Cisco forgot its own passwords for seven weeks[…]
RedTeam Pentesting discovered that several models of the AVM FRITZ!Box are vulnerable to a stack-based buffer overflow, which allows attackers to execute arbitrary code on the device. Source: RedTeam Pentesting GmbH – AVM FRITZ!Box: Remote Code Execution via Buffer Overflow
Anyone who uses this script against vulnerable firewalls will gain administrator-level command-line access to the equipment. After some outcry on Twitter and beyond, Fortinet responded by saying it has already killed off the dodgy login system. “This issue was resolved and a patch was made available in July 2014 as part of Fortinet’s commitment to Read more about Fortinet tries to explain weird SSH ‘backdoor’ discovered in firewalls, calls it “management authentication issue”[…]