Nov 09, 2014 · Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players. In some cases, exploitation of the vulnerabilities could allow a remote attacker to execute arbitrary code on the system of a targeted user.
Apr 11, 2020 · Crooks are using a fake Cisco “critical security advisory” in a new phishing campaign aimed at stealing victims’ Webex credentials. The Cofense’s phishing defense center has uncovered an ongoing phishing campaign that uses a Cisco security advisory related to a critical vulnerability as a lure. The phishing messages urge victims to install the “update,” but […] The vulnerability exists due to insufficient validation of certain elements with a Webex recording stored in either the Advanced Recording Format (ARF) or the Webex Recording Format (WRF). An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file through a link or email attachment and persuading the user to open Apr 02, 2019 · Ethical hacking training specialists from the International Institute of Cyber Security have reported the discovery of a new vulnerability in the Cisco WebEx browser extensions that could allow remote code execution; according to the reports, the vulnerability has already been exploited in the wild. Oct 01, 2019 · Security researchers have uncovered a way for attackers to snoop on video conferences run on the Cisco WebEx and Zoom platforms. Dubbed "Prying Eye", the flaw spotted by Cequence Security is a Cisco Webex is the ONLY vendor that offers this end-to-end encryption. In addition, we have internal teams dedicated to managing, investigating, and publicly reporting on security vulnerability information related to Cisco products and networks.
Apr 15, 2020 · Webex is one of the many Cisco software solutions to have security built-in as a key foundational element. Let me repeat- Cisco is the largest security company on the planet.
Vulnerability Management Built into the Fabric of WebEx's Security Program Today WebEx relies on Qualys to identify and help the company better address vulnerabilities throughout its IT architecture, including internal and external networks, and its production data centers used to host online meeting and collaboration services. The Cisco WebEx security model (Figure 1) is built on the same security foundation deeply engraved in Cisco’s DNA. The Cisco WebEx team consistently follows the foundational elements to securely develop, operate, and monitor Cisco WebEx services. We will be discussing some of these elements in this document. Figure 1. Cisco Security Model Apr 11, 2020 · Crooks are using a fake Cisco “critical security advisory” in a new phishing campaign aimed at stealing victims’ Webex credentials. The Cofense’s phishing defense center has uncovered an ongoing phishing campaign that uses a Cisco security advisory related to a critical vulnerability as a lure. The phishing messages urge victims to install the “update,” but […] The vulnerability exists due to insufficient validation of certain elements with a Webex recording stored in either the Advanced Recording Format (ARF) or the Webex Recording Format (WRF). An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file through a link or email attachment and persuading the user to open
Jun 18, 2020 · The Webex flaw is the latest to highlight what several security researchers have noted is the heightened exposure to data theft and loss that organizations face from the increased use of
Apr 11, 2020 · Crooks are using a fake Cisco “critical security advisory” in a new phishing campaign aimed at stealing victims’ Webex credentials. The Cofense’s phishing defense center has uncovered an ongoing phishing campaign that uses a Cisco security advisory related to a critical vulnerability as a lure. The phishing messages urge victims to install the “update,” but […] The vulnerability exists due to insufficient validation of certain elements with a Webex recording stored in either the Advanced Recording Format (ARF) or the Webex Recording Format (WRF). An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file through a link or email attachment and persuading the user to open Apr 02, 2019 · Ethical hacking training specialists from the International Institute of Cyber Security have reported the discovery of a new vulnerability in the Cisco WebEx browser extensions that could allow remote code execution; according to the reports, the vulnerability has already been exploited in the wild. Oct 01, 2019 · Security researchers have uncovered a way for attackers to snoop on video conferences run on the Cisco WebEx and Zoom platforms. Dubbed "Prying Eye", the flaw spotted by Cequence Security is a Cisco Webex is the ONLY vendor that offers this end-to-end encryption. In addition, we have internal teams dedicated to managing, investigating, and publicly reporting on security vulnerability information related to Cisco products and networks. Cisco publicly discloses known vulnerabilities, builds products based upon a Cisco Secure Development Lifecycle (CSDL) and has an independent Security & Trust Organization (STO) independent of Webex. All our security data sheets, privacy maps and regulatory compliance certificates are available in our Trust Portal.