Tag: identified

soc

CVE-2026-20230: Cisco Unified CM WebDialer SSRF Can Lead to Root-Level Compromise

CVE-2026-20230: Cisco Unified CM WebDialer SSRF Can Lead to Root-Level Compromise Cisco has released fixes for CVE-2026-20230, an unauthenticated remote vulnerability affecting Cisco Unified Communications Manager (Unified CM) and Unified CM Session Management Edition (SME). The flaw is an SSRF issue that can be chained into an arbitrary file write on the underlying operating system, […]

Mehr lesen →
security

SANS Stormcast Tuesday, June 2nd, 2026: Netlogon Exploit; Unidentified RAT; Windows Netlogon Exploited; RedHat npm Affected; Dashlane Bruteforce Attach

Unidentified RAT pushes NetSupport RAT https://isc.sans.edu/diary/Unidentified%20RAT%20pushes%20NetSupport%20RAT/33034 CVE-2026-41089: Windows Netlogon Vulnerability Exploited https://ccb.belgium.be/advisories/warning-microsoft-patch-tuesday-may-2026-patches-118-vulnerabilities-16-critical-102 RedHat npm Packages Affected https://www.aikido.dev/blog/red-hat-npm-packages-compromised-credential-stealing-worm Dashlane Locking Accounts after Brute Force https://status.dashlane.com/pages/5aabcb89fccc4b04d3774443 My Upcoming Classes https://www.sans.org/profiles/dr-johannes-ullrich

Mehr lesen →
security

Unified Communication gehört heute zur kritischen Infrastruktur

Unified Communications & Collaboration (UCC) hat sich vom Meeting-Tool zum Fundament moderner Unternehmen entwickelt, doch die Sicherheit hinkt hinterher. Zuständigkeitslücken zwischen Collaboration-, Security- und Einkaufsteams verhindern einen durchgängigen Schutz. Gefährlich sind dabei selten Zero-Days, sondern Fehlkonfigurationen, fragile Update-Ketten und fehlendes Lifecycle-Denken.

Mehr lesen →