Security News
Cisco Systems has rolled out security updates for a critical security vulnerability affecting Unified Contact Center Management Portal and Unified Contact Center Domain Manager that could be exploited by a remote attacker to take control of an affected system. "With these accounts, the attacker could access and modify telephony and user resources across all the Unified platforms that are associated to the vulnerable Cisco Unified CCMP," Cisco noted in an advisory published this week.
The campaign was first detected in October and is using services like AWS and Azure to hide its tracks and evade detection. Talos, Cisco's cybersecurity research arm, reports it has detected a new malware campaign that is using public cloud infrastructure to host and deliver variants of three remote access trojans while maintaining enough agility to avoid detection.
Cisco's Vijoy Pandey has tools and tips to help businesses get visibility into their APIs. APIs are responsible for taking some of the most valuable data that an organization uses and sending that data, when requested, to another application using the API to decode that data in a way the app can understand and return to its user.
Cisco's new Shared Signals and Events framework is designed to make life easier for security analysts by improving interoperability and supporting zero trust security. Shared signals is pretty much exactly what it sounds like: a standard communication method for security changes that has the potential to reduce "unnecessary, rote re-authentications or authorizations" and allow far more precise reactions to changes in security parameters.
The new product, Cisco Secure Cloud Insights, offers cloud inventory tracking and relationship mapping to navigate public clouds as well as access rights management and security compliance reporting. Cisco announced this week it has partnered with cloud security and governance platform provider JupiterOne to launch Cisco Secure Cloud Insights.
Cisco Systems has released security updates to address vulnerabilities in multiple Cisco products that could be exploited by an attacker to log in as a root user and take control of vulnerable systems. Tracked as CVE-2021-40119, the vulnerability has been rated 9.8 in severity out of a maximum of 10 on the CVSS scoring system and stems from a weakness in the SSH authentication mechanism of Cisco Policy Suite.
Cisco has released security updates to address critical security flaws allowing unauthenticated attackers to log in using hard-coded credentials or default SSH keys to take over unpatched devices. "A vulnerability in the Telnet service of Cisco Catalyst PON Series Switches ONT could allow an unauthenticated, remote attacker to log in to the affected device by using a debugging account that has a default, static password," the company explains in an advisory published yesterday.
A new bad actor called Tortilla is running the campaign, and most affected users are in the U.S. Cisco Talos has a warning out for U.S. companies about a new variant of the Babuk ransomware. Security researchers Chetan Raghuprasad, Vanja Svajcer and Caitlin Huey describe the new threat in a Talos Intelligence blog post.
Cisco SD-WAN implementations are vulnerable to a high-severity privilege-escalation vulnerability in the IOS XE operating system that could allow arbitrary code execution. The bug is an OS command-injection issue, which enables attackers to execute unexpected, dangerous commands directly on the operating system that normally wouldn't be accessible.