Tag: cisco
-
Critical Cisco UCCX flaw lets attackers run commands as root
Cisco has released security updates to patch a critical vulnerability in the Unified Contact Center Express (UCCX) software, which could enable attackers to execute commands with root privileges. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/critical-cisco-uccx-flaw-lets-hackers-run-commands-as-root/
-
Cisco Confirms Active Exploitation of Secure ASA and FTD RCE Vulnerability
Cisco has issued a critical warning about ongoing attacks targeting a severe remote code execution vulnerability affecting its Secure Firewall, Adaptive Security Appliance, and Threat Defense Software. The company updated its security advisory on November 5, 2025, revealing that threat actors have discovered a new attack variant capable of fully compromising devices on unpatched systems.…
-
Do robots dream of secure networking? Teaching cybersecurity to AI systems
This blog demonstrates a proof of concept using LangChain and OpenAI, integrated with Cisco Umbrella API, to provide AI agents with real-time threat intelligence for evaluating domain dispositions. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/do-robots-dream-of-secure-networking/
-
Do robots dream of secure networking? Teaching cybersecurity to AI systems
This blog demonstrates a proof of concept using LangChain and OpenAI, integrated with Cisco Umbrella API, to provide AI agents with real-time threat intelligence for evaluating domain dispositions. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/do-robots-dream-of-secure-networking/
-
Cisco beefs up secure AI enterprise network architecture
IT and networking giant builds on enterprise network architecture with systems designed to simplify operations across campus and branch deployments such as network configuration First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366634213/Cisco-beefs-up-secure-AI-enterprise-network-architecture
-
Hackers targeting Cisco IOS XE devices with BadCandy implant
Security researchers and Australian authorities warn that exploitation activity is ongoing. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/hackers-cisco-ios-xe-devices-badcandy-implant/804753/
-
Cisco channel chief talks 360, AI and partner value
As the vendor pulls thousands of its partners together for its summit, its recently installed channel leader shares his thoughts on a range of issues First seen on computerweekly.com Jump to article: www.computerweekly.com/microscope/news/366633909/Cisco-channel-chief-talks-360-AI-and-partner-value
-
TruffleHog, Fade In and BSAFE Crypto-C vulnerabilities
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed three vulnerabilities in Dell BSAFE, two in Fade In screenwriting software, and one in Trufflehog The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to Cisco’s third-party vulnerability disclosure First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/trufflehog-fade-in-and-bsafe-crypto-c-vulnerabilities/
-
Seit zwei Jahren ungepatcht: 15.000 Cisco-Geräte mit Malware infiziert
Angreifer bedienen sich einer seit 2023 bekannten Sicherheitslücke, um Cisco-Geräte zu kompromittieren. Entfernte Malware kommt ständig zurück. First seen on golem.de Jump to article: www.golem.de/news/seit-zwei-jahren-ungepatcht-15-000-cisco-geraete-mit-malware-infiziert-2511-201822.html
-
G42 and Cisco expand strategic partnership to drive AI innovation and infrastructure growth
The UAE-based tech group and global networking giant will co-develop secure AI infrastructure and cyber security solutions to support high-performance computing and datacentre growth First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366634040/G42-and-Cisco-expand-strategic-partnership-to-drive-AI-innovation-and-infrastructure-growth
-
G42 and Cisco expand strategic partnership to drive AI innovation and infrastructure growth
The UAE-based tech group and global networking giant will co-develop secure AI infrastructure and cyber security solutions to support high-performance computing and datacentre growth First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366634040/G42-and-Cisco-expand-strategic-partnership-to-drive-AI-innovation-and-infrastructure-growth
-
G42 and Cisco expand strategic partnership to drive AI innovation and infrastructure growth
The UAE-based tech group and global networking giant will co-develop secure AI infrastructure and cyber security solutions to support high-performance computing and datacentre growth First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366634040/G42-and-Cisco-expand-strategic-partnership-to-drive-AI-innovation-and-infrastructure-growth
-
China-Linked Hackers Target Cisco Firewalls in Global Campaign
New reports show China-based hackers are targeting US federal, state, and global government networks via unpatched Cisco firewalls. Get the full details and necessary steps to secure devices. First seen on hackread.com Jump to article: hackread.com/china-hackers-target-cisco-firewalls/
-
China-Linked Hackers Target Cisco Firewalls in Global Campaign
New reports show China-based hackers are targeting US federal, state, and global government networks via unpatched Cisco firewalls. Get the full details and necessary steps to secure devices. First seen on hackread.com Jump to article: hackread.com/china-hackers-target-cisco-firewalls/
-
BadCandy Implant Hits Cisco Devices Across Australia
Devices Unpatched Since October 2023 Are Vulnerable. The Australian cyber defense agency warned that hackers are attacking unpatched Cisco IOS XE enterprise devices to leave behind a web shell the networking manufacturer calls BadCandy. At least 150 Cisco devices in Australia carry the implant as of late October. First seen on govinfosecurity.com Jump to article:…
-
Cisco steps up security options for MSPs
Cisco’s cloud platform enhancements have been designed to make life easier for its managed service provider base First seen on computerweekly.com Jump to article: www.computerweekly.com/microscope/news/366633961/Cisco-steps-up-security-options-for-MSPs
-
Security Affairs newsletter Round 548 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. BadCandy Webshell threatens unpatched Cisco IOS XE devices, warns Australian government China-linked UNC6384 exploits Windows zero-day…
-
Security Affairs newsletter Round 548 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. BadCandy Webshell threatens unpatched Cisco IOS XE devices, warns Australian government China-linked UNC6384 exploits Windows zero-day…
-
BadCandy Webshell threatens unpatched Cisco IOS XE devices, warns Australian government
Australia warns of attacks on unpatched Cisco IOS XE devices exploiting CVE-2023-20198, allowing BadCandy webshell install. The Australian Signals Directorate (ASD) warns of ongoing attacks on unpatched Cisco IOS XE devices exploiting CVE-2023-20198, allowing BadCandy webshell infections and admin takeover. >>Cyber actors are installing an implant dubbed ‘BADCANDY’ on Cisco IOS XE devices that are vulnerable…
-
ASD Warns of Ongoing BADCANDY Attacks Exploiting Cisco IOS XE Vulnerability
The Australian Signals Directorate (ASD) has issued a bulletin about ongoing cyber attacks targeting unpatched Cisco IOS XE devices in the country with a previously undocumented implant known as BADCANDY.The activity, per the intelligence agency, involves the exploitation of CVE-2023-20198 (CVSS score: 10.0), a critical vulnerability that allows a remote, unauthenticated attacker to create an…
-
Cisco IOS XE Vulnerability Being Abused in the Wild to Plant BADCANDY
Cybersecurity authorities are raising urgent alarms as threat actors continue to exploit a critical vulnerability in Cisco IOS XE devices, deploying a malicious implant known as BADCANDY across networks worldwide. The Australian Signals Directorate (ASD) has confirmed that over 150 devices remain compromised in Australia alone as of late October 2025, despite ongoing remediation efforts…
-
Chinese hackers scanning, exploiting Cisco ASA firewalls used by governments worldwide
In a report shared with Recorded Future News, Unit 42 attributed the targeting of Cisco ASA devices to Storm-1849, a China-based threat group that Cisco previously said has been attacking the tools since 2024. First seen on therecord.media Jump to article: therecord.media/chinese-hackers-scan-exploit-firewalls-government
-
Chinese hackers scanning, exploiting Cisco ASA firewalls used by governments worldwide
In a report shared with Recorded Future News, Unit 42 attributed the targeting of Cisco ASA devices to Storm-1849, a China-based threat group that Cisco previously said has been attacking the tools since 2024. First seen on therecord.media Jump to article: therecord.media/chinese-hackers-scan-exploit-firewalls-government
-
Australia warns of BadCandy infections on unpatched Cisco devices
The Australian government is warning about ongoing cyberattacks against unpatched Cisco IOS XE devices in the country to infect routers with the BadCandy webshell. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/australia-warns-of-badcandy-infections-on-unpatched-cisco-devices/
-
Old threats, new consequences: 90% of cyber claims stem from email and remote access
Tags: access, ai, attack, awareness, cisco, ciso, citrix, cloud, communications, control, credentials, cve, cyber, cybersecurity, data, defense, detection, email, encryption, finance, fraud, hacker, insurance, mail, malicious, microsoft, network, phishing, phone, ransomware, risk, sophos, tactics, threat, tool, update, vpn, vulnerability2025 InsurSec Rankings Report, email and remote access remain the most prominent cyber threat vectors, accounting for 90% of cyber insurance claims in 2024.And, no surprise, larger companies continue to get hit hardest. But, interestingly, the virtual private networks (VPNs) many rely on are anything but secure, despite assumptions to the contrary.”We know from our…
-
Notable post-quantum cryptography initiatives paving the way toward Q-Day
Tags: attack, awareness, cisa, cisco, communications, computer, computing, crypto, cryptography, cyber, cybersecurity, data, encryption, finance, framework, google, government, group, guide, ibm, infrastructure, intelligence, Internet, iot, linux, microsoft, mitre, ml, nist, nvidia, open-source, service, side-channel, software, supply-chain, technology, theft, threat, tool, vulnerabilityIndustry heavyweights line up behind PQC: Google”¯Chrome became the first mainstream browser to support hybrid post”‘quantum key exchanges by default late last year.The approach combines classical elliptic-curve encryption, for backwards compatibility, with lattice-based PQC derived from ML-KEM.Other industry giants, including Amazon and IBM, have also begun laying foundations for quantum-safe cryptography. For example, IBM has…
-
Notable post-quantum cryptography initiatives paving the way toward Q-Day
Tags: attack, awareness, cisa, cisco, communications, computer, computing, crypto, cryptography, cyber, cybersecurity, data, encryption, finance, framework, google, government, group, guide, ibm, infrastructure, intelligence, Internet, iot, linux, microsoft, mitre, ml, nist, nvidia, open-source, service, side-channel, software, supply-chain, technology, theft, threat, tool, vulnerabilityIndustry heavyweights line up behind PQC: Google”¯Chrome became the first mainstream browser to support hybrid post”‘quantum key exchanges by default late last year.The approach combines classical elliptic-curve encryption, for backwards compatibility, with lattice-based PQC derived from ML-KEM.Other industry giants, including Amazon and IBM, have also begun laying foundations for quantum-safe cryptography. For example, IBM has…