Tag: cisco
-
Exposed LLM Servers Expose Ollama Risks
Over 1,100 Ollama Servers Leave Enterprise Models Vulnerable: Cisco Talos. More than a thousand servers running Ollama, a tool that can deploy artificial intelligence models locally, are exposed to the open internet, leaving many of them vulnerable to misuse and potential attacks. The bulk are dormant, but could be exploited through misconfiguration, Cisco Talos said.…
-
Chinese hacking group Salt Typhoon expansion prompts multinational advisory
Tags: advisory, attack, authentication, breach, china, cisco, communications, container, corporate, country, cyber, data, exploit, firmware, flaw, government, group, hacking, infrastructure, intelligence, Internet, ivanti, malware, military, monitoring, network, password, router, service, software, technology, threat, update, vulnerability, zero-day
Ivanti, Palo Alto Networks, Cisco flaws exploited: Salt Typhoon has been active since at least 2021, targeting critical infrastructure in telecom, transportation, government, and military bodies around the globe. Notably, a “cluster of activity” has been observed in the UK, according to the country’s National Cyber Security Centre. The group has had “considerable success” with “n-days,”…
-
Palo Alto, Fortinet, Check Point Control Firewall Gartner MQ
Cisco Visionary, HPE Juniper Challenger in Inaugural Hybrid Mesh Firewall Ranking. Network security behemoths Palo Alto Networks, Fortinet and Check Point Software topped Gartner’s first-ever Magic Quadrant for hybrid mesh firewalls. Gartner said the firewall market is moving toward centralized orchestration, interoperability and AI-powered automation. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/palo-alto-fortinet-check-point-control-firewall-gartner-mq-a-29336
-
Frequently Asked Questions About Chinese State-Sponsored Actors Compromising Global Networks
Tags: access, advisory, attack, authentication, china, cisa, cisco, credentials, cve, cyber, cybersecurity, data, espionage, exploit, firewall, fortinet, germany, government, identity, infrastructure, injection, ivanti, kev, malicious, microsoft, military, mitigation, mitre, network, remote-code-execution, risk, software, tactics, threat, update, vulnerability, zero-day
An analysis of Tenable telemetry data shows that the vulnerabilities being exploited by Chinese state-sponsored actors remain unremediated on a considerable number of devices, posing major risk to the organizations that have yet to successfully address these flaws. Background Tenable’s Research Special Operations (RSO) team has compiled this blog to answer Frequently Asked Questions (FAQ)…
-
Cisco UCS Manager Software Flaw Allows Attackers to Inject Malicious Commands
Cisco has released urgent security updates to remediate two medium-severity command injection vulnerabilities in its UCS Manager Software that could allow authenticated administrators to execute arbitrary commands and compromise system integrity. Disclosed on August 27, 2025, the advisory (cisco-sa-ucs-multi-cmdinj-E4Ukjyrz) affects multiple UCS fabric interconnect platforms and underscores the importance of timely patching to prevent potential…
-
Cisco IMC Virtual Keyboard Vulnerability Allows Attackers to Redirect Users to Malicious Websites
Cisco has released urgent security updates to remediate a high-severity vulnerability in its Integrated Management Controller (IMC) virtual keyboard video monitor (vKVM) module that could allow unauthenticated, remote attackers to hijack sessions and redirect users to malicious websites. The flaw, tracked as CVE-2025-20317, carries a CVSS base score of 7.1 and affects a wide range…
-
Salt Typhoon Exploits Cisco, Ivanti, Palo Alto Flaws to Breach 600 Organizations Worldwide
The China-linked advanced persistent threat (APT) actor known as Salt Typhoon has continued its attacks targeting networks across the world, including organizations in the telecommunications, government, transportation, lodging, and military infrastructure sectors. “While these actors focus on large backbone routers of major telecommunications providers, as well as provider edge (PE) and First seen on thehackernews.com Jump…
-
Cisco Nexus 3000 9000 Vulnerability Enables DoS Attacks
Cisco has issued a high-severity security advisory warning of a dangerous vulnerability in its Nexus 3000 and 9000 Series switches that could allow attackers to trigger denial of service (DoS) attacks through crafted network packets. The vulnerability, tracked as CVE-2025-20241 and assigned a CVSS score of 7.4, affects the Intermediate System-to-Intermediate System (IS-IS) feature in Cisco NX-OS…
-
Chinese Telecom Hackers Strike Worldwide
US and Allies Warn About Persistent and Long Term Access to Network Equipment. The Chinese hackers responsible for breaking into telecom networks across the globe capitalize on already documented vulnerabilities, principally in Cisco routing equipment, warn a slew of national cybersecurity agencies. Hackers use publicly known vulnerabilities with CVE designations. First seen on govinfosecurity.com Jump…
-
Libbiosig, Tenda, SAIL, PDF XChange, Foxit vulnerabilities
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed ten vulnerabilities in BioSig Libbiosig, nine in Tenda AC6 Router, eight in SAIL, two in PDF-XChange Editor, and one in a Foxit PDF Reader. The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in First seen on blog.talosintelligence.com Jump to article:…
-
New Stealthy Malware Hijacking Cisco, TP-Link, and Other Routers for Remote Control
FortiGuard Labs has uncovered a sophisticated malware campaign targeting critical infrastructure devices from multiple vendors, with the >>Gayfemboy
-
IoT under siege: The return of the Mirai-based Gayfemboy Botnet
Mirai-based Gayfemboy botnet resurfaces, evolving to target systems worldwide; Fortinet researchers provided details about the new campaign. FortiGuard Labs researchers tracked a new Gayfemboy botnet campaign. The malware exploits known flaws in DrayTek, TP-Link, Raisecom, and Cisco, showing evolved tactics and renewed activity. The Gayfemboy botnet was first identified in February 2024; it borrows the…
-
Cybersecurity Snapshot: Industrial Systems in Crosshairs of Russian Hackers, FBI Warns, as MITRE Updates List of Top Hardware Weaknesses
Tags: access, ai, attack, automation, cisa, cisco, cloud, conference, control, credentials, cve, cyber, cybersecurity, data, data-breach, deep-fake, detection, docker, espionage, exploit, flaw, framework, fraud, google, government, group, guide, hacker, hacking, Hardware, identity, infrastructure, intelligence, Internet, iot, LLM, microsoft, mitigation, mitre, mobile, network, nist, risk, russia, scam, service, side-channel, software, strategy, switch, technology, threat, tool, update, vulnerability, vulnerability-management, windows
Check out the FBI’s alert on Russia-backed hackers infiltrating critical infrastructure networks via an old Cisco bug. Plus, MITRE dropped a revamped list of the most important critical security flaws. Meanwhile, NIST rolled out a battle plan against face-morphing deepfakes. And get the latest on the CIS Benchmarks and on vulnerability prioritization strategies! Here are…
-
Remote Code Execution – Cisco Firewalls Threatened by CVSS 10 Vulnerability
First seen on security-insider.de Jump to article: www.security-insider.de/kritische-sicherheitsluecke-im-cisco-secure-firewall-management-center-a-ea347b0f1acc3e110b1da23c7ee3ff70/
-
Moscow exploiting seven-year-old Cisco flaw, says FBI
US authorities warn of an uptick in state-sponsored exploitation of a seven-year-old vulnerability in Cisco’s operating system software. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366629846/Moscow-exploiting-seven-year-old-Cisco-flaw-says-FBI
-
FBI, Cisco warn of Russia-linked hackers targeting critical infrastructure organizations
The intrusions have exploited a vulnerability in Cisco’s networking equipment software. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/russia-hacking-cisco-switches-fbi-warning/758206/
-
Russian Hackers Hitting Critical Infrastructure, FBI Warns
Tags: cisco, cyberespionage, espionage, exploit, government, group, hacker, infrastructure, intelligence, russia, vulnerability
State-Sponsored Espionage Group Tied to Exploits of No-Longer-Supported Cisco Gear. Russian intelligence hackers are using obsolete and unpatched equipment made by networking mainstay Cisco Systems to further stealthy and ongoing cyberespionage operations, the U.S. federal government warned Wednesday. Hackers exploit a vulnerability in the Smart Install feature of Cisco devices. First seen on govinfosecurity.com Jump…
-
Russian threat actors using old Cisco bug to target critical infrastructure orgs
A threat group linked to the Russian Federal Security Service’s (FSB) Center 16 unit has been compromising unpatched and end-of-life Cisco networking devices via an old … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/21/cve-2018-0171-cisco-cyber-espionage/
-
Russian Espionage Group Static Tundra Targets Legacy Cisco Flaw
Russian state-backed hackers are exploiting a seven-year-old Cisco Smart Install vulnerability (CVE-2018-0171) in end-of-life devices, prompting warnings from the FBI and Cisco Talos. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/russian-espionage-group-targets/
-
Russian hackers exploit old Cisco flaw to target global enterprise networks
Six-year-old vulnerability still wreaking havoc: At the heart of this campaign lies CVE-2018-0171, a critical vulnerability that affected Cisco IOS software’s Smart Install feature and allowed unauthenticated remote attackers to execute arbitrary code or trigger denial-of-service conditions. Despite Cisco patching the flaw in 2018, Static Tundra continued exploiting unpatched devices, particularly those that reached end-of-life status,…
-
FBI warns of Russian hackers exploiting 7-year-old Cisco flaw
The Federal Bureau of Investigation (FBI) has warned that hackers linked to Russia’s Federal Security Service (FSB) are targeting critical infrastructure organizations in attacks exploiting a 7-year-old vulnerability in Cisco devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fbi-warns-of-russian-hackers-exploiting-cisco-flaw-in-critical-infrastructure-attacks/
-
Russian Hackers Exploit 7-Year-Old Cisco Flaw to Steal Industrial System Configs
Static Tundra, a Russian state-sponsored threat actor connected to the FSB’s Center 16 unit, has been responsible for a sustained cyber espionage effort, according to information released by Cisco Talos. Operating for over a decade, this group specializes in compromising network devices to facilitate long-term intelligence gathering, with a focus on extracting configuration data from…
-
FBI: Russia-linked group Static Tundra exploit old Cisco flaw for espionage
FBI warns FSB-linked group Static Tundra is exploiting a 7-year-old Cisco IOS/IOS XE flaw to gain persistent access for cyber espionage. The FBI warns that Russia-linked threat actor Static Tundra exploits Simple Network Management Protocol (SNMP) and end-of-life networking devices running an unpatched vulnerability (CVE-2018-0171) in Cisco Smart Install (SMI) to target organizations in the…

