Browsing Tag: vulnerabilities

A researcher has uncovered a pair of vulnerabilities in the Kaseya VSA IT management platform, including an open redirect that could be used to force users to visit an attacker-controlled sites. Kaseya VSA is a platform designed to handle a wide variety of IT management tasks, including audit, inventory, security, patch management, backup and recovery,[…]

Read more...

A week after admitting that several of its security appliances ship with static SSH keys, Cisco warned customers on Wednesday that its Unified Communications Domain Manager platform has a default, static password for an account that carries root privileges. The vulnerability affects versions of the software prior to 4.4.5 and the company said there are no[…]

Read more...

Researchers identified a cross-site scripting vulnerability in a page on the LifeLock website that could allow an attacker to create an authentic-looking login page for the service and harvest usernames and passwords from customers. LifeLock patched the vulnerability quickly after researchers Blake Welsh and Eric Taylor from Cinder Cyber Research reported it. Welsh said via[…]

Read more...