Security News

Cisco Warns of Vulnerability in Popular Phone Adapter, Urges Migration to Newer Model
2023-05-05 05:16

Cisco has warned of a critical security flaw in SPA112 2-Port Phone Adapters that it said could be exploited by a remote attacker to execute arbitrary code on affected devices.The company credited Catalpa of DBappSecurity for reporting the shortcoming.

Cisco phone adapters vulnerable to RCE attacks, no fix available
2023-05-04 17:28

Cisco has disclosed a vulnerability in the web-based management interface of Cisco SPA112 2-Port Phone Adapters, allowing an unauthenticated, remote attacker to execute arbitrary code on the devices. These phone adapters are a popular choice in the industry for incorporating analog phones into VoIP networks without upgrading.

Threat actor APT28 targets Cisco routers with an old vulnerability
2023-04-28 16:36

Threat actor APT28 is exploiting an old vulnerability in Cisco routers using Simple Network Management Protocol versions 1, 2c and 3 to target the U.S., Europe and Ukraine. The advisory states that in 2021, APT28 used malware to exploit an SNMP vulnerability, known as CVE-2017-6742, that was reported and patched on June 29, 2017, by Cisco.

Cisco discloses XSS zero-day flaw in server management tool
2023-04-26 18:51

Cisco disclosed today a zero-day vulnerability in the company's Prime Collaboration Deployment software that can be exploited for cross-site scripting attacks. Tracked as CVE-2023-20060, the bug was found in the web-based management interface of Cisco PCD 14 and earlier by Pierre Vivegnis of the NATO Cyber Security Centre.

RSA: Cisco launches XDR, with focus on platform-based cybersecurity
2023-04-25 22:41

Find out why extended detection and response was at the center of Cisco's launch activities at RSA, including the company's announcement about its cloud-based XDR service. XDR is not SIEM. Gillis explained that XDR serves a different purpose than traditional security information and event management.

Cisco and VMware Release Security Updates to Patch Critical Flaws in their Products
2023-04-21 05:41

Cisco and VMware have released security updates to address critical security flaws in their products that could be exploited by malicious actors to execute arbitrary code on affected systems. The most severe of the vulnerabilities is a command injection flaw in Cisco Industrial Network Director, which resides in the web UI component and arises as a result of improper input validation when uploading a Device Pack.

U.S. and U.K. Warn of Russian Hackers Exploiting Cisco Router Flaws for Espionage
2023-04-19 09:30

U.K. and U.S. cybersecurity and intelligence agencies have warned of Russian nation-state actors exploiting now-patched flaws in networking equipment from Cisco to conduct reconnaissance and deploy malware against targets. The activity has been attributed to a threat actor tracked as APT28, which is also known as Fancy Bear, Forest Blizzard, FROZENLAKE, and Sofacy, and is affiliated with the Russian General Staff Main Intelligence Directorate.

US, UK warn of govt hackers using custom malware on Cisco routers
2023-04-18 21:42

The US, UK, and Cisco are warning of Russian state-sponsored APT28 hackers deploying a custom malware named 'Jaguar Tooth' on Cisco IOS routers, allowing unauthenticated access to the device. A joint report released today by the UK National Cyber Security Centre, US Cybersecurity and Infrastructure Security Agency, the NSA, and the FBI details how the APT28 hackers have been exploiting an old SNMP flaw on Cisco IOS routers to deploy a custom malware named 'Jaguar Tooth.

Russian snoops just love invading unpatched Cisco gear, America and UK warn
2023-04-18 20:45

The UK and US governments have sounded the alarm on Russian intelligence targeting unpatched Cisco routers to deploy malware and carry out surveillance. In a joint advisory issued Tuesday, the UK National Cyber Security Centre, the NSA, America's Cybersecurity and Infrastructure Security Agency and the FBI provided details about how Russia's APT28 - aka FancyBear and Stronium - exploited an old vulnerability in unpatched Cisco routers in 2021 to collect network information belonging to European and US government organizations, and about 250 Ukrainian victims.

Cisco kindly reveals proof of concept attacks for flaws in rival Netgear's kit
2023-03-22 22:57

Public proof-of-concept exploits have landed for bugs in Netgear Orbi routers - including one critical command execution vulnerability. The four vulnerabilities are found in Netgear's Orbi mesh wireless system, including its main router and the satellite routers that extend WiFi networks.