Security News

Cisco Duo provider breached, SMS MFA logs compromised
2024-04-16 15:20

Hackers have managed to compromise a telephony provider for Duo, the Cisco-owned company providing secure access solutions, and steal MFA SMS message logs of Duo customers. "The threat actor downloaded message logs for SMS messages that were sent to certain users under your Duo account between March 1, 2024 and March 31, 2024," the Cisco Data Privacy and Incident Response Team notified its MSP partners.

Cisco Duo warns third-party data breach exposed SMS MFA logs
2024-04-15 14:52

Cisco Duo's security team warns that hackers stole some customers' VoIP and SMS logs for multi-factor authentication messages in a cyberattack on their telephony provider. In emails sent to customers, Cisco Duo says an unnamed provider who handles the company's SMS and VoIP multi-factor authentication messages was compromised on April 1, 2024.

Cisco warns of password-spraying attacks targeting VPN services
2024-03-28 16:37

Cisco has shared a set of recommendations for customers to mitigate password-spraying attacks that have been targeting Remote Access VPN services configured on Cisco Secure Firewall devices. The company says that the attacks have also been targeting other remote access VPN services and appear to be part of reconnaissance activity.

Cisco patches Secure Client VPN flaw that could reveal authentication tokens (CVE-2024-20337)
2024-03-08 10:49

Cisco has fixed two high-severity vulnerabilities affecting its Cisco Secure Client enterprise VPN and endpoint security solution, one of which could be exploited by unauthenticated, remote attackers to grab users' valid SAML authentication token. "The attacker could then use the token to establish a remote access VPN session with the privileges of the affected user," Cisco says, but notes that "Individual hosts and services behind the VPN headend would still need additional credentials for successful access."

Cisco Issues Patch for High-Severity VPN Hijacking Bug in Secure Client
2024-03-08 08:09

Cisco has released patches to address a high-severity security flaw impacting its Secure Client software that could be exploited by a threat actor to open a VPN session with that of a targeted...

German defense chat overheard by Russian eavesdroppers on Cisco's WebEx
2024-03-04 17:45

Roderich Kiesewetter, deputy chairman of the German parliament's oversight committee, said the Bundeswehr leak was possibly caused by a Russian agent inside the WebEx call or the Bundeswehr's implementation of it, but the country is still working on discovering how the intrusion took place. RT has since made a number of claims after publishing the call, including that the conversation provides proof that Germany was planning to help Ukraine to destroy the Kerch Bridge that connects Russia to the illegally annexed Crimea.

CISA Warning: Akira Ransomware Exploiting Cisco ASA/FTD Vulnerability
2024-02-16 15:42

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a now-patched security flaw impacting Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)...

Akira, LockBit actively searching for vulnerable Cisco ASA devices
2024-02-08 12:22

Akira and LockBit ransomware groups are trying to breach Cisco ASA SSL VPN devices by exploiting several older vulnerabilities, security researcher Kevin Beaumont is warning. "But the problem is nobody has complete visibility of what exploits actually exist," he added, and advised admins to upgrade to the latest ASA release on all devices that have the AnyConnect SSL VPN feature enabled on the device's interface.

Critical Patches Released for New Flaws in Cisco, Fortinet, VMware Products
2024-02-08 05:10

Cisco, Fortinet, and VMware have released security fixes for multiple security vulnerabilities, including critical weaknesses that could be exploited to perform arbitrary actions on affected...

Critical Cisco bug exposes Expressway gateways to CSRF attacks
2024-02-07 18:22

Cisco has patched several vulnerabilities affecting its Expressway Series collaboration gateways, two of them rated as critical severity and exposing vulnerable devices to cross-site request forgery attacks. Unauthenticated attackers can exploit the two critical CSRF vulnerabilities patched today to target unpatched Expressway gateways remotely.