Security News

Cisco warned customers today that two security vulnerabilities in the Cisco AnyConnect Secure Mobility Client for Windows are being exploited in the wild. The AnyConnect Secure Mobility Client simplifies secure enterprise endpoint access and enables employees to work from anywhere while connected to a secure Virtual Private Network through Secure Sockets Layer and IPsec IKEv2.

Cisco has published a heads-up for admins of Cisco Identity Services Engine solutions, about two vulnerabilities that could be exploited to read and delete files on an affected device, and to execute arbitrary script or access sensitive information.Cisco Identity Services is a policy management and access control platform for devices on networks and is a crucial element of an organization's zero-trust architecture.

The Yanluowang ransomware group behind the May attack on Cisco Systems has publicly leaked the stolen files on the dark web over the weekend, but the networking giant says there's nothing to worry about. In a blog post, Talos wrote that "We continue to see no impact to our business, including Cisco products or services, sensitive customer data or sensitive employee information, intellectual property, or supply chain operations."

Our previous analysis of this incident remains unchanged-we continue to see no impact to our business, including Cisco products or services, sensitive customer data or sensitive employee information, intellectual property, or supply chain operations. In a report in August, Cisco announced that its network had been breached by the Yanluowang ransomware after the hackers compromised an employee's VPN account.

Cisco patched three security vulnerabilities in its products this week, and said it will leave unpatched a VPN-hijacking flaw that affects four small business routers. Cisco said its Product Security Incident Response Team has not seen any public disclosures about the vulnerability nor evidence that any cybercriminal has exploited the flaw.

Cisco on Wednesday rolled out patches to address three security flaws affecting its products, including a high-severity weakness disclosed in NVIDIA Data Plane Development Kit late last month. Aside from CVE-2022-28199, Cisco has also resolved a vulnerability in its Cisco SD-WAN vManage Software that could "Allow an unauthenticated, adjacent attacker who has access to the VPN0 logical network to also access the messaging service ports on an affected system."

Cisco says that a new authentication bypass flaw affecting multiple small business VPN routers will not be patched because the devices have reached end-of-life. "A successful exploit could allow the attacker to bypass authentication and access the IPSec VPN network," Cisco explained in a security advisory issued on Wednesday.

The attack infrastructure used to target Cisco in the May 2022 incident was also employed against an attempted compromise of an unnamed workforce management solutions holding company a month earlier in April 2022. Initial access to the company's IT network was made possible by using stolen Virtual Private Network credentials, followed by leveraging off-the-shelf tools for lateral movement and gaining deeper access into the victim's environment.

Kali Linux 2022.3 released: Packages for test labs, new tools, and a community Discord serverOffensive Security has released Kali Linux 2022.3, the latest version of its popular penetration testing and digital forensics platform. Cisco has been hacked by a ransomware gangU.S. networking giant Cisco Systems has been hacked, the company confirmed on Wednesday, after Yanluowang ransomware operators claimed the attack on their leak site.

Cisco on Wednesday released patches to contain multiple flaws in its software that could be abused to leak sensitive information on susceptible appliances.The issue, assigned the identifier CVE-2022-20866, has been described as a "Logic error" when handling RSA keys on devices running Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software.