New Threat Research: MalSync Teardown: From DLL Hijacking to PHP Malware for Windows  

Read Threat Research

Search

Threat Intelligence: Cisco Mistakenly Adds Dirty Cow Exploit Code to its Own Software

During a security brief on Wednesday, Cisco announced that they unintentionally released code that they used in house for trials when testing their TelePresence Video Communication Server. Dirty Cow (CVE-2016-5195) was discovered in 2016 as a privilege escalation vulnerability in Linux Kernel. Dirty Cow was utilized to guarantee that Cisco’s products are secured against known endeavors. In any case, there was a drawback in the last QA approval venture of the product, and subsequently somebody from Cisco missed the presence of the code prior to its release. At this time, Cisco says they are unaware of any malicious uses of the mishap and the affected products are not prone to any attacks.

Binary Defense Recommendation: It is advised for any users utilizing Cisco products to update their software images when they are readily available. Stay up-to-date with security briefs when using products that are vulnerable to these types of threats since new malicious activities are conducted daily.