Security News

Cisco creates architecture to improve security and sell you new switches
2024-04-18 07:01

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Cisco discloses root escalation flaw with public exploit code
2024-04-17 17:25

Cisco has released patches for a high-severity Integrated Management Controller vulnerability with public exploit code that can let local attackers escalate privileges to root. "A vulnerability in the CLI of the Cisco Integrated Management Controller could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root," the company explains.

Cisco Warns of Global Surge in Brute-Force Attacks Targeting VPN and SSH Services
2024-04-17 08:38

Cisco is warning about a global surge in brute-force attacks targeting various devices, including Virtual Private Network (VPN) services, web application authentication interfaces, and SSH...

Fire in the Cisco! Networking giant's Duo MFA message logs stolen in phish attack
2024-04-17 00:06

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Cisco warns of large-scale brute-force attacks against VPN services
2024-04-16 16:11

Cisco warns about a large-scale credential brute-forcing campaign targeting VPN and SSH services on Cisco, CheckPoint, Fortinet, SonicWall, and Ubiquiti devices worldwide. The researchers say the attacks started on March 18, 2024, while all attacks originate from TOR exit nodes and various other anonymization tools and proxies, which the threat actors use to evade blocks.

Cisco Duo provider breached, SMS MFA logs compromised
2024-04-16 15:20

Hackers have managed to compromise a telephony provider for Duo, the Cisco-owned company providing secure access solutions, and steal MFA SMS message logs of Duo customers."The threat actor downloaded message logs for SMS messages that were sent to certain users under your Duo account between March 1, 2024 and March 31, 2024," the Cisco Data Privacy and Incident Response Team notified its MSP partners.

Cisco Duo warns third-party data breach exposed SMS MFA logs
2024-04-15 14:52

Cisco Duo's security team warns that hackers stole some customers' VoIP and SMS logs for multi-factor authentication messages in a cyberattack on their telephony provider. In emails sent to customers, Cisco Duo says an unnamed provider who handles the company's SMS and VOIP multi-factor authentication messages was compromised on April 1, 2024.

Cisco warns of password-spraying attacks targeting VPN services
2024-03-28 16:37

Cisco has shared a set of recommendations for customers to mitigate password-spraying attacks that have been targeting Remote Access VPN services configured on Cisco Secure Firewall devices. The company says that the attacks have also been targeting other remote access VPN services and appear to be part of reconnaissance activity.

Cisco patches Secure Client VPN flaw that could reveal authentication tokens (CVE-2024-20337)
2024-03-08 10:49

Cisco has fixed two high-severity vulnerabilities affecting its Cisco Secure Client enterprise VPN and endpoint security solution, one of which could be exploited by unauthenticated, remote attackers to grab users' valid SAML authentication token."The attacker could then use the token to establish a remote access VPN session with the privileges of the affected user," Cisco says, but notes that "Individual hosts and services behind the VPN headend would still need additional credentials for successful access."

Cisco Issues Patch for High-Severity VPN Hijacking Bug in Secure Client
2024-03-08 08:09

Cisco has released patches to address a high-severity security flaw impacting its Secure Client software that could be exploited by a threat actor to open a VPN session with that of a targeted...