19 matches found
EUVD-2016-2542
Malware in sbrugna...
Cisco AMP Threat Grid Cloud and AMP Threat Grid Appliance software trust management issue vulnerability
Cisco AMP Threat Grid Cloud and AMP Threat Grid Appliance software are both products of Cisco, Inc. The Cisco AMP Threat Grid Cloud is a cloud-based malware and threat intelligence analysis solution. Grid Appliance software is an on-device malware analysis solution. Cisco AMP Threat Grid Cloud an...
CVE-2019-1657
A vulnerability in Cisco AMP Threat Grid could allow an authenticated, remote attacker to access sensitive information. The vulnerability is due to unsafe creation of API keys. An attacker could exploit this vulnerability by using insecure credentials to gain unauthorized access to the affected...
CVE-2019-1657
A vulnerability in Cisco AMP Threat Grid could allow an authenticated, remote attacker to access sensitive information. The vulnerability is due to unsafe creation of API keys. An attacker could exploit this vulnerability by using insecure credentials to gain unauthorized access to the affected...
Design/Logic Flaw
A vulnerability in Cisco AMP Threat Grid could allow an authenticated, remote attacker to access sensitive information. The vulnerability is due to unsafe creation of API keys. An attacker could exploit this vulnerability by using insecure credentials to gain unauthorized access to the affected...
CVE-2019-1657 Cisco AMP Threat Grid API Key Information Disclosure Vulnerability
A vulnerability in Cisco AMP Threat Grid could allow an authenticated, remote attacker to access sensitive information. The vulnerability is due to unsafe creation of API keys. An attacker could exploit this vulnerability by using insecure credentials to gain unauthorized access to the affected...
CVE-2019-1657
CVE-2019-1657 affects Cisco AMP Threat Grid (Cloud and on‑premise Threat Grid Appliance). The issue stems from unsafe API key creation, enabling an authenticated, remote attacker to access sensitive information via API key credentials (information disclosure). Likely impact to confidentiality is ...
CVE-2019-1657 Cisco AMP Threat Grid API Key Information Disclosure Vulnerability
A vulnerability in Cisco AMP Threat Grid could allow an authenticated, remote attacker to access sensitive information. The vulnerability is due to unsafe creation of API keys. An attacker could exploit this vulnerability by using insecure credentials to gain unauthorized access to the affected...
Cisco AMP Threat Grid API Key Information Disclosure Vulnerability
A vulnerability in Cisco AMP Threat Grid could allow an authenticated, remote attacker to access sensitive information. The vulnerability is due to unsafe creation of API keys. An attacker could exploit this vulnerability by using insecure credentials to gain unauthorized access to the affected...
Old dog, new tricks - Analysing new RTF-based campaign distributing Agent Tesla, Loki with PyREbox
This blog post was authored by Edmund Brumaghin and Holger Unterbrink with contributions from Emmanuel Tacheau. Executive Summary Cisco Talos has discovered a new malware campaign that drops the sophisticated information-stealing trojan called "Agent Tesla," and other malware such as the Loki...
Linux Kernel CVE-2018-5391 Remote Denial of Service Vulnerability
Description Linux Kernel is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected Arista Extendible Operating System EOS 4.20.0F Arista Extendible Operating System EOS 4.20.1F Arista Extendible Operating...
Taking the FIRST look at Crypt0l0cker
This post is authored by Matthew Molyett.Executive SummaryIn March, Talos reported on the details of Crypt0l0cker based on an extensive analysis I carried out on the sample binaries. Binaries -- plural -- because, as noted in the original blog, the Crypt0l0cker payload leveraged numerous executab...
CVE-2016-1443
The virtual network stack on Cisco AMP Threat Grid Appliance devices before 2.1.1 allows remote attackers to bypass a sandbox protection mechanism, and consequently obtain sensitive interprocess information or modify interprocess data, via a crafted malware sample...
CVE-2016-1443
The virtual network stack on Cisco AMP Threat Grid Appliance devices before 2.1.1 allows remote attackers to bypass a sandbox protection mechanism, and consequently obtain sensitive interprocess information or modify interprocess data, via a crafted malware sample...
Design/Logic Flaw
The virtual network stack on Cisco AMP Threat Grid Appliance devices before 2.1.1 allows remote attackers to bypass a sandbox protection mechanism, and consequently obtain sensitive interprocess information or modify interprocess data, via a crafted malware sample...
CVE-2016-1443
CVE-2016-1443 affects Cisco AMP Threat Grid Appliance before 2.1.1. The vulnerability lies in the virtual network stack, allowing an unauthenticated remote attacker to bypass sandboxing via a crafted malware sample and to obtain or modify interprocess data. Cisco’s advisory confirms exploitation ...
CVE-2016-1443
The virtual network stack on Cisco AMP Threat Grid Appliance devices before 2.1.1 allows remote attackers to bypass a sandbox protection mechanism, and consequently obtain sensitive interprocess information or modify interprocess data, via a crafted malware sample...
Cisco AMP Threat Grid Unauthorized Access Vulnerability
Cisco AMP Threat Grid is the United States Cisco Cisco company's set of integrated static and dynamic malware analysis and threat intelligence in one solution. The program can help enterprises to analyze the behavior and intent of malware, the impact of the threat level and defense methods. An...
Cisco AMP Threat Grid Unauthorized Clean IP Access Vulnerability
A vulnerability in the virtual network stack of the Cisco AMP Threat Grid Appliance could allow an unauthenticated, remote attacker to access internal interfaces within the appliance. The vulnerability is due to insufficient isolation between the sandbox and other internal components. An attacker...