Tag: cisco
-
Building the missing layers for an internet of agents
Cybersecurity teams are starting to think about how large language model agents might interact at scale. A new paper from Cisco Research argues that the current network stack … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/12/05/cisco-research-internet-of-agents-architecture/
-
Socomec DIRIS Digiware M series and Easy Config, PDF XChange Editor vulnerabilities
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed an out-of-bounds read vulnerability in PDF XChange Editor, and ten vulnerabilities in Socomec DIRIS Digiware M series and Easy Config products.The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to Cisco& First seen on blog.talosintelligence.com Jump to article:…
-
Your critical infrastructure is running out of time
Cyber attackers often succeed not because they are inventive, but because the systems they target are old. A new report by Cisco shows how unsupported technology inside … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/27/cisco-legacy-system-vulnerabilities-report/
-
Dell ControlVault, Lasso, GL.iNet vulnerabilities
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed five vulnerabilities in Dell ControlVault 3 firmware and its associated Windows software, four vulnerabilities in Entr'ouvert Lasso, and one vulnerability in GL.iNet Slate AX.The vulnerabilities mentioned in this blog post have been patched by their respective First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/dell-controlvault-lasso-gl-inet-vulnerabilities/
-
Cisco Pledges More Security in Network Equipment
Company to Warn Customers, Disable Insecure Options by Default. Cisco says it will proactively alert network administrators when insecure configurations are detected and will eventually disable insecure features by default. The move comes after Chinese hackers exploited known vulnerabilities in Cisco equipment during major telecom breaches. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/cisco-pledges-more-security-in-network-equipment-a-30079
-
Cisco Pledges More Security in Network Equipment
Company to Warn Customers, Disable Insecure Options by Default. Cisco says it will proactively alert network administrators when insecure configurations are detected and will eventually disable insecure features by default. The move comes after Chinese hackers exploited known vulnerabilities in Cisco equipment during major telecom breaches. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/cisco-pledges-more-security-in-network-equipment-a-30079
-
With the Rise of AI, Cisco Sounds an Urgent Alarm About the Risks of Aging Tech
Generative AI is making it even easier for attackers to exploit old and often forgotten network equipment. Replacing it takes investment, but Cisco is making the case that it’s worth it. First seen on wired.com Jump to article: www.wired.com/story/cisco-aging-technical-infrastructure/
-
Network architectures must be rebuilt for agentic AI
Rising traffic volumes, AI-powered security threats and the move to agentic workflows will require organisations to modernise their network infrastructure First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366634654/Cisco-Network-architectures-must-be-rebuilt-for-agentic-AI
-
Cisco ASA firewalls still under attack; CISA issues guidance for patch
First seen on scworld.com Jump to article: www.scworld.com/news/cisco-asa-firewalls-still-under-attack-cisa-issues-guidance-for-patch
-
New in Snort3: Enhanced rule grouping for greater flexibility and control
Today, Cisco Talos is introducing new capabilities for Snort3 users within Cisco Secure Firewall to give you greater flexibility in how you manage, organize, and prioritize detection rules. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/new-in-snort3-enhanced-rule-grouping-for-greater-flexibility-and-control/
-
Cisco Firewall, Unified CCX, and ISE Vulnerability Summary (Nov 2025)
Tags: attack, cisco, cve, exploit, firewall, remote-code-execution, service, software, vulnerabilityCVE-2025-20333 and CVE-2025-20362 Details Cisco disclosed a new active attack variant targeting and exploiting the previously known vulnerabilities in the Cisco Secure Firewall ASA and FTD software (CVE-2025-20333 and CVE-2025-20362) leading to unpatched devices to reboot/reload unexpectedly creating the conditions needed for a denial of service (DoS) attack. The critical remote code execution (RCE) […]…
-
Kraken Uses Benchmarking to Enhance Ransomware Attacks
Cisco Talos has observed overlaps between Kraken and the earlier HelloKitty cartel through attack tactics using SMB flaws for big-game hunting and double extortion First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/kraken-benchmarking-enhance/
-
Akira ransomware expands to Nutanix AHV, raising stakes for enterprise security
Tags: access, attack, backup, breach, business, cisco, data, detection, endpoint, exploit, firewall, infrastructure, leak, mfa, monitoring, network, ransomware, resilience, strategy, threat, update, veeam, vpn, vulnerability, windowsThreat that thrives in enterprise blind spots: Experts indicate that Akira leverages the blind spots that enterprises acknowledge but rarely fix. Of the blind spots, remote access tops the list, followed by patching.”Akira wins not because it has reinvented ransomware, but because it has perfected the parts enterprises fail to take seriously. It exploits the…
-
Akira ransomware expands to Nutanix AHV, raising stakes for enterprise security
Tags: access, attack, backup, breach, business, cisco, data, detection, endpoint, exploit, firewall, infrastructure, leak, mfa, monitoring, network, ransomware, resilience, strategy, threat, update, veeam, vpn, vulnerability, windowsThreat that thrives in enterprise blind spots: Experts indicate that Akira leverages the blind spots that enterprises acknowledge but rarely fix. Of the blind spots, remote access tops the list, followed by patching.”Akira wins not because it has reinvented ransomware, but because it has perfected the parts enterprises fail to take seriously. It exploits the…
-
TDL 009 – Inside DNS Threat Intelligence: Privacy, Security Innovation
Tags: access, apple, attack, automation, backup, best-practice, business, ceo, cisco, ciso, cloud, computer, control, corporate, country, crime, cybersecurity, data, dns, encryption, finance, firewall, government, infrastructure, intelligence, Internet, jobs, law, linkedin, malicious, marketplace, middle-east, monitoring, msp, network, office, privacy, regulation, risk, service, software, strategy, threat, tool, windows, zero-trustSummary Inside DNS Threat Intelligence: Privacy, Security & Innovation In this episode of the Defenders Log, host David Redekop speaks with Tim Adams, the founder of the protective DNS resolver Scout DNS. Tim shares his origin story, explaining how he transitioned from a wireless network integrator to building his own DNS solution. He saw a…
-
CISA Warns of Active Attacks on Cisco ASA and Firepower Flaws
CISA issues an urgent directive for all organizations to patch Cisco ASA and Firepower devices against CVE-2025-20362 and CVE-2025-20333, exploited in the ArcaneDoor campaign. Verify the correct version now! First seen on hackread.com Jump to article: hackread.com/cisa-attacks-cisco-asa-firepower-flaws/
-
CISA Warns of Active Attacks on Cisco ASA and Firepower Flaws
CISA issues an urgent directive for all organizations to patch Cisco ASA and Firepower devices against CVE-2025-20362 and CVE-2025-20333, exploited in the ArcaneDoor campaign. Verify the correct version now! First seen on hackread.com Jump to article: hackread.com/cisa-attacks-cisco-asa-firepower-flaws/
-
Cisco Catalyst Center Vulnerability Allows Attackers to Escalate Privileges
A critical security vulnerability has been identified in the Cisco Catalyst Center Virtual Appliance that could enable authenticated, remote attackers to escalate their privileges to Administrator on affected systems. This vulnerability CVE-2025-20341 caused by insufficient validation of user-supplied input, underscores the urgent need for patching among organizations that use the affected platform. The vulnerability resides…
-
Multiple Cisco Unified CCX Vulnerabilities Enable Arbitrary Command Execution by Attackers
Cisco has disclosed critical security vulnerabilities affecting Cisco Unified Contact Center Express (Unified CCX) that could enable unauthenticated, remote attackers to execute arbitrary commands, escalate privileges to root, and bypass authentication mechanisms. The vulnerabilities reside in the Java Remote Method Invocation (RMI) process and CCX Editor application, presenting severe risks to enterprise contact center deployments.…
-
Kraken Ransomware Targets Windows, Linux, and VMware ESXi in Enterprise Environments
Cisco Talos has identified an emerging threat from Kraken, a sophisticated cross-platform ransomware group that has emerged from the remnants of the HelloKitty ransomware cartel. In August 2025, the security firm observed the Russian-speaking group conducting big-game hunting and double-extortion attacks against enterprise environments worldwide. Kraken represents a significant evolution in ransomware threats due to…
-
Kraken Ransomware Targets Windows, Linux, and VMware ESXi in Enterprise Environments
Cisco Talos has identified an emerging threat from Kraken, a sophisticated cross-platform ransomware group that has emerged from the remnants of the HelloKitty ransomware cartel. In August 2025, the security firm observed the Russian-speaking group conducting big-game hunting and double-extortion attacks against enterprise environments worldwide. Kraken represents a significant evolution in ransomware threats due to…
-
Amazon Exposes Advanced APT Exploiting Cisco ISE (RCE) and Citrix Bleed Two as Simultaneous Zero-Days
The post Amazon Exposes Advanced APT Exploiting Cisco ISE (RCE) and Citrix Bleed Two as Simultaneous Zero-Days appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/amazon-exposes-advanced-apt-exploiting-cisco-ise-rce-and-citrix-bleed-two-as-simultaneous-zero-days/
-
Hackers Exploited Cisco ISE Zero-Day
Tags: access, authentication, cisco, control, exploit, flaw, hacker, hacking, network, remote-code-execution, software, vulnerability, zero-dayFlaw Enabled Remote Code Execution, Say AWS Researchers. Researchers from AWS said they spotted a hacking campaign taking advantage of a zero-day vulnerability in Cisco network access control software before the routing giant patched it earlier this year. The flaw let attackers perform pre-authentication remote code execution. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/hackers-exploited-cisco-ise-zero-day-a-30031
-
Feds Fumble Cisco Patches as China-Linked Hackers Strike
CISA Says Agencies Believed They Patched Cisco Flaws But Had Not. The U.S. cyber defense agency issued new patch guidance after discovering multiple federal agencies failed to properly secure Cisco firewalls, leaving federal networks exposed to exploitation by a suspected Chinese threat actor despite a prior emergency directive. First seen on govinfosecurity.com Jump to article:…
-
CISA warns federal agencies to patch flawed Cisco firewalls amid ‘active exploitation’ across the US government
The federal cybersecurity agency said some government departments had been actively exploited after failing to properly patch their systems. First seen on techcrunch.com Jump to article: techcrunch.com/2025/11/13/cisa-warns-federal-agencies-to-patch-flawed-cisco-firewalls-amid-active-exploitation-across-the-us-government/
-
>>Patched<< but still exposed: US federal agencies must remediate Cisco flaws (again)
CISA has ordered US federal agencies to fully address two actively exploited vulnerabilities (CVE-2025-20333, CVE-2025-20362) in Cisco Adaptive Security Appliances (ASA) and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/13/cisa-directive-cve-2025-20333-cve-2025-20362/
-
>>Patched<< but still exposed: US federal agencies must remediate Cisco flaws (again)
CISA has ordered US federal agencies to fully address two actively exploited vulnerabilities (CVE-2025-20333, CVE-2025-20362) in Cisco Adaptive Security Appliances (ASA) and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/13/cisa-directive-cve-2025-20333-cve-2025-20362/
-
Zero-day exploits hit Cisco ISE and Citrix systems in an advanced campaign
Tags: access, attack, authentication, cisco, citrix, credentials, defense, encryption, endpoint, exploit, identity, infrastructure, monitoring, network, risk, service, tactics, threat, update, zero-daypatch-gap exploitation technique is a hallmark of sophisticated threat actors who closely monitor security updates and quickly weaponize vulnerabilities.”Amazon did not immediately respond to CSO’s queries on why it’s sharing information about the zero-day exploits months after.After gaining access, the actor deployed a tailor-made web shell disguised as the “IdentityAuditAction” component of Cisco ISE. It…