Security News

Cisco Systems revealed details of a May hack by the Yanluowang ransomware group that leveraged a compromised employee's Google account. "During the investigation, it was determined that a Cisco employee's credentials were compromised after an attacker gained control of a personal Google account where credentials saved in the victim's browser were being synchronized," wrote Cisco Talos in a lengthy breakdown of the attack.

Cisco disclosed on Wednesday that its corporate network was accessed by cyber-criminals in May after an employee's personal Google account was compromised - an act a ransomware gang named "Yanluowang" has now claimed as its work.A Cisco statement asserts the company "Did not identify any impact to [its] business as a result of this incident, including Cisco products or services, sensitive customer data or sensitive employee information, intellectual property, or supply chain operations."

Cisco confirmed today that the Yanluowang ransomware group breached its corporate network in late May and that the actor tried to extort them under the threat of leaking stolen files online. Last week, the threat actor behind the Cisco attack emailed BleepingComputer a directory listing of files allegedly stolen during the attack.

Tracked as CVE-2022-20866, this security flaw is due to a weakness in handling RSA keys on ASA and FTD devices. If successfully exploited, it can let unauthenticated attackers retrieve an RSA private key remotely, which they can use to decrypt the device traffic or impersonate Cisco ASA/FTD devices.

Cisco has revealed four of its small business router ranges have critical flaws - for the second time in 2022 alone. A Wednesday advisory warns owners of the RV160, RV260, RV340, and RV345 Series Routers that the vulnerabilities could allow "An unauthenticated, remote attacker to execute arbitrary code or cause a denial of service condition on an affected device."

Cisco on Wednesday rolled out patches to address eight security vulnerabilities, three of which could be weaponized by an unauthenticated attacker to gain remote code execution or cause a denial-of-service condition on affected devices. The most critical of the flaws impact Cisco Small Business RV160, RV260, RV340, and RV345 Series routers.

Cisco has fixed critical security vulnerabilities affecting Small Business VPN routers and enabling unauthenticated, remote attackers to execute arbitrary code or commands and trigger denial of service conditions on vulnerable devices.Successful exploitation of CVE-2022-20842 with crafted HTTP input could allow attackers "To execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a DoS condition," the company explains.

Cisco commissioned Forrester Consulting to conduct a Total Economic Impact™ study and examine the potential return on investment enterprises may realize by deploying Secure Firewall. The purpose of this study is to provide readers with a framework to evaluate the potential financial impact of Secure Firewall on their organizations.

Traditional security architecture focused on a hardened perimeter with a vulnerable interior. Modern security practices focus instead on multiple key control points, such as the network, endpoints, applications, and identities.

Network firewalls are a critical line of defense in securing enterprise networks and protecting their vital data. The rapid transition to cloud infrastructure makes managing networks quite complex and cumbersome, leaving security and information technology teams with the overwhelming task of determining proper restrictions and access.