Saturday, September 26, 2020

Worth Reading: Iron Chef - Certification Edition

In one of his recent blog posts Tom Hollingsworth described what I semi-consciously felt about the CCIE lab exam for at least 25 years: it’s full of contrived scenarios that look more like Iron Chef than real life.

I understand they had to make the lab harder and harder to stop cheating (because talking with candidates and flunking the incompetents is obviously not an option), and there’s only so much one can do with a limited set of technologies… but forcing networking engineers to find ever-more-devious ways to solve overly-complex problems is nothing else but fuel for rampant MacGyverism.

Anyway, I don’t think this mess will ever be fixed, so the only thing we can do is to enjoy the rant.


Thanks to (see source)

Friday, September 25, 2020

Government cybersecurity agency warns of Windows Server exploit

The federal government's Cybersecurity and Infrastructure Security Agency (CISA) has issued a rare emergency directive to federal government agencies to roll out a Windows Server patch within days, an indication of the severity of the exploit.

The directive was issued on September 18, and agencies were given four days to apply the security update. It demands that executive agencies take "immediate and emergency action" to patch CVE-2020-1472, issued August 11.

The vulnerability is in Microsoft Windows Netlogon Remote Protocol (MS-NRPC), a core authentication component of Active Directory from Windows Server 2008 to Server 2019. It has been named "Zerologon" because of how it works.

To read this article in full, please click here


Thanks to Andy Patrizio (see source)

Government cybersecurity agency warns of Windows Server exploit

The federal government's Cybersecurity and Infrastructure Security Agency (CISA) has issued a rare emergency directive to federal government agencies to roll out a Windows Server patch within days, an indication of the severity of the exploit.

The directive was issued on September 18, and agencies were given four days to apply the security update. It demands that executive agencies take "immediate and emergency action" to patch CVE-2020-1472, issued August 11.

The vulnerability is in Microsoft Windows Netlogon Remote Protocol (MS-NRPC), a core authentication component of Active Directory from Windows Server 2008 to Server 2019. It has been named "Zerologon" because of how it works.

To read this article in full, please click here


Thanks to Andy Patrizio (see source)

Cisco turns out security patches 25 high-threat flaws for IOS, IOS XE

If you are a security admin with lots of systems running Cisco IOS and IOS XE software today is decidedly not your day.

Cisco this week posted 25 “High” rated security advisories that stem from 34 vulnerabilities the company suggests should be fixed as soon as possible. The vulnerabilities impact a wide-range of Cisco gear as IOS and IOS XE are the company’s most widely used operating systems. The warnings affect firewalls, wireless access points and switches.

For example, one of the highest rated threats--with an 8.6 out of 10 threat level, are multiple vulnerabilities in the Zone-Based Firewall feature of Cisco IOS XE Software that could let an remote attacker to cause the device to reload or stop forwarding traffic through the firewall,resulting in a denial of service (DoS).

To read this article in full, please click here


Thanks to Michael Cooney (see source)

Cisco turns out security patches 25 high-threat flaws for IOS, IOS XE

If you are a security admin with lots of systems running Cisco IOS and IOS XE software today is decidedly not your day.

Cisco this week posted 25 “High” rated security advisories that stem from 34 vulnerabilities the company suggests should be fixed as soon as possible. The vulnerabilities impact a wide-range of Cisco gear as IOS and IOS XE are the company’s most widely used operating systems. The warnings affect firewalls, wireless access points and switches.

For example, one of the highest rated threats--with an 8.6 out of 10 threat level, are multiple vulnerabilities in the Zone-Based Firewall feature of Cisco IOS XE Software that could let an remote attacker to cause the device to reload or stop forwarding traffic through the firewall,resulting in a denial of service (DoS).

To read this article in full, please click here


Thanks to Michael Cooney (see source)