Security News

Cisco says critical Unity Connection bug lets attackers get root
2024-01-10 20:42

Cisco has patched a critical Unity Connection security flaw that can let unauthenticated attackers remotely gain root privileges on unpatched devices. Unity Connection is a fully virtualized messaging and voicemail solution for email inboxes, web browsers, Cisco Jabber, Cisco Unified IP Phone, smartphones, or tablets with high availability and redundancy support.

New KV-Botnet Targeting Cisco, DrayTek, and Fortinet Devices for Stealthy Attacks
2023-12-15 14:17

A new botnet consisting of firewalls and routers from Cisco, DrayTek, Fortinet, and NETGEAR is being used as a covert data transfer network for advanced persistent threat actors, including the...

Cisco Talos Report: New Trends in Ransomware, Network Infrastructure Attacks, Commodity Loader Malware
2023-12-06 14:36

We'll focus on three topics covered: the ransomware cybercriminal ecosystem, network infrastructure attacks and commodity loader malware. More ransomware actors switched to extortion rather than encryption, while commodity loaders evolved to be stealthier and highly effective, although new major security improvements have seen the day in 2023, such as Microsoft Office disabling macros by default.

Cisco intros AI to find firewall flaws, warns this sort of thing can't be free
2023-12-06 04:29

Cisco's executive veep for security Jeetu Patel has predicted that AI will change the infosec landscape, but that end users will eventually pay for the privilege of having a binary brainbox by their side when they go into battle. Speaking at the Asia Pacific incarnation of the Cisco Live event today, in Melbourne, Australia, Patel offered the infosec maxim that attackers only need to get it right once, but defenders need to get it right every time.

Criminal IP & Cisco SecureX/XDR: Enhanced Cyber Threat Analysis
2023-11-13 15:02

Criminal IP, a prominent Cyber Threat Intelligence search engine developed by AI SPERA, has recently integrated with Cisco SecureX/XDR, empowering organizations to stay ahead of malicious actors by providing a comprehensive solution for threat intelligence and risk assessment. Cisco is a global leader in technology that delivers innovative software-defined networking, cloud, and security solutions, including secure access, vulnerability management, network segmentation, and threat response.

Exploit released for critical Cisco IOS XE flaw, many hosts still hacked
2023-10-31 03:09

Public exploit code is now available for the critical Cisco IOS XE vulnerability tracked as CVE-2023-20198 that was leveraged as a zero-day to hack tens of thousands of devices. Cisco released patches for most releases of its IOS XE software but thousands of systems continue to be compromised, internet scans show.

Cisco Patches 2 Dangerous Zero-Day Vulnerabilities
2023-10-24 20:55

Cisco has patched two zero-day vulnerabilities that exposed Cisco IOS XE system software hosts to attackers. These vulnerabilities affected devices running the Cisco IOS XE software, such as routers and switches.

Backdoor Implanted on Hacked Cisco Devices Modified to Evade Detection
2023-10-24 06:33

The backdoor implanted on Cisco devices by exploiting a pair of zero-day flaws in IOS XE software has been modified by the threat actor so as to escape visibility via previous fingerprinting...

Cisco fixes critical IOS XE bug but malware crew way ahead of them
2023-10-23 22:15

After a six-day wait, Cisco started rolling out a patch for a critical bug that miscreants had exploited to install implants in thousands of devices. The flaw in the networking giant's IOS XE software, which allowed criminals to hijack thousands of Cisco switches and routers, first came to light last Monday.

Cisco patches IOS XE zero-days used to hack over 50,000 devices
2023-10-23 14:08

Cisco has addressed the two vulnerabilities that hackers exploited to compromise tens of thousands of IOS XE devices over the past week. Both vulnerabilities, which Cisco tracks as CSCwh87343, are in the web UI of Cisco devices running the IOS XE software.