VPN

Cisco Reveals Zero-Day VPN Bug Without a Fix

Cisco | November 06, 2020

Cisco doesn’t yet have a fix for a zero-day vulnerability in the Linux, MacOS, and Windows versions of its virtual private network (VPN) software, AnyConnect Secure Mobility Client. While Cisco says it isn’t aware of any instances in which attackers have exploited the vulnerability, in a security advisory updated late Thursday, the vendor warned that a proof-of-concept exploit code is available, and this would make it significantly easier to take advantage of the flaw. The high-severity bug, CVE-2020-3556, earned a CVSS score of 7.3 and is an arbitrary code execution vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client software. It’s due to a lack of authentication to the IPC listener, and attacker could exploit this vulnerability by sending crafted IPC messages to the AnyConnect client IPC listener. If exploited, an attacker could execute a malicious script via the targeted AnyConnect user.

Spotlight

Learn how to easily revalidate your Cloud Verified application with this short video.

Spotlight

Learn how to easily revalidate your Cloud Verified application with this short video.

Related News

VIRTUAL DESKTOP TOOLS, SERVER VIRTUALIZATION

Stratus Demonstrates Edge Computing Platforms at ARC Industry Leadership Forum

Stratus Technologies | February 07, 2023

On February 6, 2023, Stratus Technologies, Inc. (Stratus), an SGH company and a pioneer in protected, simplified, and autonomous Edge Computing platforms announced that it will display its Edge Computing platforms and pre-validated control architectures, made with Rockwell Automation and Schneider Electric, at the 27th annual ARC Industry Leadership Forum from February 6–9, in Orlando, Florida. The subject of this year's conference is energy transition, driving sustainability and performance through digitalization. During the Oil & Gas Transformation session, Stratus and customer Streamline Innovations will present on sustainable gas treating solutions. Stratus will showcase its Edge Computing platforms and solutions at booth #34, including: Stratus ztC Edge Platform - the second-generation Stratus ztC Edge platform integrates in-built fault tolerance and application virtualization in an easy-to-install, rugged design for the edge. Stratus Edge Computing Experience (ECX) - This immersive environment enables IT and OT users to explore a broad range of Edge Computing application cases in industrial automation, allowing users to extend edge automation and exploit essential data for insight using easy, secure, autonomous Edge Computing. Edge Analytics - The IoT analytics software from Litmus on the Stratus Edge 110i and the second-gen Stratus ztC Edge 200i exhibits predictive maintenance, condition-based monitoring, machine learning, and artificial intelligence. The partnership shows a simple, secure, autonomous solution for deploying analytics for any MES, SCADA, or IoT software at edge locations in order to overcome network bandwidth, latency, and risk of downtime. Stratus will also highlight the following to illustrate how pre-validated and tested architectures may reduce engineering time, enable quick deployment, and simplify OT and IT management: PlantPAx® Solution-in-a-Box from Rockwell Automation - A jointly-tested process control architecture running on ztC Edge to facilitate the deployment of small to medium-sized distributed control systems (DCS) that need less than 5,000 I/Os at edge locations. Schneider Electric EcoStruxure™ Micro Data Center with Stratus ftServer® Platform - Designed for edge environments, it combines virtualization, fault tolerance, physical protection and smart uninterrupted power. These pre-validated designs are ideal for Systems Integrators since they save 40% in field engineering work and 20% in time-to-deployment. About Stratus Technologies Stratus, headquartered in Maynard, MA, is a pioneer in protected, simplified, and autonomous Edge Computing platforms. It ensures the continuous availability of business-critical applications for leaders who are digitally transforming their operations in order to drive predictable, peak performance with minimal risk by delivering zero-touch Edge Computing platforms that are easy to deploy and maintain, protected from interruptions and threats, and autonomous. For the past 40 years, the company has supplied dependable and redundant zero-touch computing, allowing global Fortune 500 companies and small-to-medium-sized businesses to securely and remotely transform data into actionable intelligence at the edge, cloud, and data center, thereby increasing uptime and efficiency.

Read More

VIRTUAL DESKTOP TOOLS

Kahoot! Partners with Zoom to Boost Online Meeting Engagement

Kahoot | January 09, 2023

Kahoot! has announced a partnership with Zoom to introduce Kahoot!’s 360 Essential premium app as part of Zoom’s curated Essential Apps. This allows users with Zoom One Pro, Business, or Business Plus online plans to add collaborative learning and engagement to their virtual meetings. The collaboration between Kahoot! and Zoom improves engagement with fun and collaborative learning games, even when they are held remotely. The app is now available for these subscribers and allows them to access the app, along with other Essential Apps, on a dock within Zoom Meeting. From there, users can instantly join a Kahoot! session or host their own using a collection of ready-to-use interactive learning sessions. This provides an exciting way for Zoom users to take their virtual meetings to the next level with collaborative learning activities. "Online meetings now play an essential role in the modern workforce, but many companies have yet to realize their potential for engagement and productivity. With powerful solutions like Kahoot!, corporate teams can transform their virtual meetings to bring learning to life, spark collaboration, build team spirit and more. Now, users have even easier access to Kahoot! during their online meetings as part of Zoom curated Essential Apps, empowering any meeting host to take engagement to the next level in seconds." Eilert Hanoa, CEO, Kahoot! Users with these plans can also redeem a free one-year Kahoot! 360 Essential license, which includes premium features to make virtual meetings, training, and presentations more engaging with Kahoot! This provides an excellent opportunity for subscribers to access more engaging and collaborative learning activities. It offers an easy way for Zoom users to connect with their colleagues and students through interactive activities that foster discussion and encourage active participation. About Kahoot! Kahoot! is a learning platform that is dedicated to making learning fun and engaging for everyone. It allows individuals and organizations to create and host learning sessions that are interactive and compelling. Since its launch in 2013, Kahoot! has hosted millions of learning sessions for over 8 billion participants in more than 200 countries. The company has a number of subsidiaries, including Clever, DragonBox, Poio, Drops, Actimo, Motimate, and Whiteboard.fi. Kahoot! is based in Oslo, Norway, but has offices around the world, including in the US, UK, France, Finland, Estonia, Denmark, Spain, and Poland. It is listed on the Oslo Stock Exchange under the ticker KAHOT.

Read More

VIRTUAL DESKTOP TOOLS, SERVER VIRTUALIZATION

TeamViewer Streamlines Remote Support at Henkel's IT Department

TeamViewer | February 03, 2023

TeamViewer, a renowned provider of remote connectivity and workplace digitalization solutions, is streamlining remote support at the major consumer products and adhesives company, Henkel's IT department. The Düsseldorf-based firm was able to simplify and improve its worldwide internal IT support thanks to the secure corporate connectivity suite TeamViewer Tensor. With TeamViewer, IT professionals at Henkel can now connect to all of their employees' devices, including smartphones, tablets and laptops (a total of 60,000 devices worldwide), irrespective of manufacturer or operating system. Its simple deployment on devices and seamless integration with Henkel's current IT infrastructure, including connections to ServiceNow, Microsoft Azure, and Jamf, among others, were key factors in the decision for TeamViewer. In addition, TeamViewer's solution adheres to all industry-standard security features, including end-to-end encryption, scalable and flexible rights management, and single sign-on. TeamViewer's President, Americas, Patty Nagle, commented, "We have tailored TeamViewer Tensor specifically to the requirements of corporations. The solution can be scaled as required and makes it possible to access devices and machines quickly and easily from anywhere and at any time, in order provide support and maintenance. In times of mobile working, skills shortages and digital transformation at all levels of the value chain, this is a real game changer for IT departments." About TeamViewer TeamViewer Headquartered in Göppingen, Baden-Württemberg, is a global technology firm that provides a connectivity platform for remotely accessing, controlling, managing, monitoring, and repairing devices of all types, ranging from laptops and mobile phones to industrial machinery and robots. While being free for personal use, it has over 625,000 users and helps businesses of all sizes and sectors digitalize their business-critical processes through seamless connectivity. Since the company's inception in 2005, TeamViewer software has been deployed on more than 2.5 billion devices worldwide. The firm employs over 1,500 people globally and has achieved billings worth EUR 548 million in 2021.

Read More