Cisco Umbrella default SSH key allows theft of admin credentials


Cisco has issued security upgrades to address a critical vulnerability in the Cisco Umbrella Virtual Appliance (VA), which allows unauthenticated attackers to remotely obtain admin credentials.

These on-premise virtual machines are utilised as conditional DNS forwarders that record, encrypt, and authenticate DNS data by Cisco Umbrella, a cloud-delivered security service used by over 24,000 businesses as DNS layer security against phishing, malware, and ransomware assaults. Read More…