Security News

Cisco's Talos security unit says it has detected an increased rate of attacks on targets on the Indian subcontinent and named an advanced persistent threat actor named SideCopy as the source. SideCopy's infrastructure, Talos opined, "Indicates a special interest in victims in Pakistan and India," as the malware used only initiates actions if it detects infections in those two countries.

A security vulnerability in Cisco Adaptive Security Appliance that was addressed by the company last October, and again earlier this April, has been subjected to active in-the-wild attacks following the release of proof-of-concept exploit code. The PoC was published by researchers from cybersecurity firm Positive Technologies on June 24, following which reports emerged that attackers are chasing after an exploit for the bug.

Attackers and bug hunters are leveraging an exploit for CVE-2020-3580 to compromise vulnerable security devices running Cisco ASA or FTD software. Active attacks apparently started after Positive Technologies researchers shared proof-of-concept exploit code last Thursday via Twitter.

With four million subscribers today, Rakuten Mobile continues to advance and scale its network to support new demands driven by the growth of remote and mobile workers. With the implementation of Segment Routing over IPv6 and Cisco Routed Optical Networking, Rakuten Mobile plans to expand its capabilities to support enterprise customers with 5G and IoT services.

A cross-site scripting vulnerability patched last year in Cisco's Adaptive Security Appliance and Firepower Threat Defense software has reportedly been exploited in the wild. Reports of in-the-wild exploitation emerged shortly after cybersecurity firm Positive Technologies released a proof-of-concept exploit for the vulnerability tracked as CVE-2020-3580.

Hackers are scanning for and actively exploiting a vulnerability in Cisco ASA devices after a PoC exploit was published on Twitter. This Cisco ASA vulnerability is cross-site scripting vulnerability that is tracked as CVE-2020-3580.

Researchers at Positive Technologies published the PoC for the bug on Thursday. Real-World Attacks for Cisco ASA. The Cisco ASA is a cybersecurity perimeter-defense appliance that combines firewall, antivirus, intrusion prevention and virtual private network capabilities, all meant to stop threats from making it onto corporate networks.

A researcher has identified several vulnerabilities, including ones that have been rated high severity, in Cisco's Small Business 220 series smart switches. The vulnerabilities were discovered by security researcher Jasper Lievisse Adriaanse, and they impact switches that run firmware versions earlier than 1.2.0.6 and have the web-based management interface enabled - the interface is enabled by default.

Cisco has flagged and patched several high-severity security vulnerabilities in its Cisco Small Business 220 Series Smart Switches that could allow session hijacking, arbitrary code execution, cross-site scripting and HTML injection. Finally, CVE-2021-1571 could allow an unauthenticated, remote attacker to conduct a HTML injection attack.

Cisco announced a new portfolio of Catalyst industrial routers to extend the power of the enterprise network to the edge with the flexibility, security and scalability needed for IoT success. Three new Catalyst 5G Industrial Routers to securely connect mobile and fixed assets: These new routers are based on Cisco IOS XE to extend the enterprise network and SD-WAN to the edge.