Tag: cisco
-
For application security: SCA, SAST, DAST and MAST. What next?
Tags: advisory, ai, application-security, automation, best-practice, business, cisa, cisco, cloud, compliance, container, control, cve, data, exploit, flaw, framework, gartner, government, guide, ibm, incident response, infrastructure, injection, kubernetes, least-privilege, ml, mobile, network, nist, resilience, risk, sbom, service, software, sql, supply-chain, threat, tool, training, update, vulnerability, waf<img loading="lazy" decoding="async" src="https://b2b-contenthub.com/wp-content/uploads/2026/01/posture-provenance-proof.jpg?quality=50&strip=all&w=1024" alt="Chart: Posture, provenance and proof." class="wp-image-4115680" srcset="https://b2b-contenthub.com/wp-content/uploads/2026/01/posture-provenance-proof.jpg?quality=50&strip=all 1430w, b2b-contenthub.com/wp-content/uploads/2026/01/posture-provenance-proof.jpg?resize=300%2C168&quality=50&strip=all 300w, b2b-contenthub.com/wp-content/uploads/2026/01/posture-provenance-proof.jpg?resize=768%2C431&quality=50&strip=all 768w, b2b-contenthub.com/wp-content/uploads/2026/01/posture-provenance-proof.jpg?resize=1024%2C575&quality=50&strip=all 1024w, b2b-contenthub.com/wp-content/uploads/2026/01/posture-provenance-proof.jpg?resize=1240%2C697&quality=50&strip=all 1240w, b2b-contenthub.com/wp-content/uploads/2026/01/posture-provenance-proof.jpg?resize=150%2C84&quality=50&strip=all 150w, b2b-contenthub.com/wp-content/uploads/2026/01/posture-provenance-proof.jpg?resize=854%2C480&quality=50&strip=all 854w, b2b-contenthub.com/wp-content/uploads/2026/01/posture-provenance-proof.jpg?resize=640%2C360&quality=50&strip=all 640w, b2b-contenthub.com/wp-content/uploads/2026/01/posture-provenance-proof.jpg?resize=444%2C250&quality=50&strip=all 444w” width=”1024″ height=”575″ sizes=”auto, (max-width: 1024px) 100vw, 1024px” /> Sunil GentyalaOver the past year the community has admitted the obvious: the battleground is the software supply chain and…
-
No Rest in 2026 as Patch Alerts Amass for Cisco, HPE and n8n
Cisco Fixes ISE Bug; HPE OneView Under Fire; Exploit Code Drops for n8n Flaw. The new year is off to a fresh start on the vulnerability and exploit alert front: Cisco has patched a critical Identity Services Engine; cybersecurity officials warn that an HPE OneView vulnerability is being actively exploited; and proof-of-concept exploits drop for…
-
DNS-Fehler: Unzählige Cisco-Switches plötzlich in Bootschleife gefangen
Switches von Cisco starten sich alle paar Minuten neu und beeinträchtigen damit Unternehmensnetze. Verzweifelte Admins suchen online nach Hilfe. First seen on golem.de Jump to article: www.golem.de/news/dns-fehler-unzaehlige-cisco-switches-ploetzlich-in-bootschleife-gefangen-2601-203989.html
-
Global DNS Crash Triggers Reboot Loops Across Cisco Small Business Switches
A DNS Crash disrupted networks around the world on January 8, 2026, after a flaw in the DNS client service caused multiple Cisco Small Business Switches to reboot repeatedly and, in some cases, completely core dump. The outage affected organizations of all sizes, from small IT teams managing a handful of switches to administrators responsible…
-
Global DNS Crash Triggers Reboot Loops Across Cisco Small Business Switches
A DNS Crash disrupted networks around the world on January 8, 2026, after a flaw in the DNS client service caused multiple Cisco Small Business Switches to reboot repeatedly and, in some cases, completely core dump. The outage affected organizations of all sizes, from small IT teams managing a handful of switches to administrators responsible…
-
Cisco identifies vulnerability in ISE network access control devices
rotate ISE credentials for those with existing and approved access;ensure only those who need access have credentials;reduce the number of devices that can access the ISE server;patch as soon as it’s possible to take the server offline.In its notice to customers, Cisco says a vulnerability [CVE-2026-20029] in the licensing features of ISE and Cisco ISE…
-
Cisco switches hit by reboot loops due to DNS client bug
Multiple Cisco switch models are suddenly experiencing reboot loops after logging fatal DNS client errors, according to reports seen by BleepingComputer. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisco-switches-hit-by-reboot-loops-due-to-dns-client-bug/
-
Patch Cisco ISE bug now before attackers abuse proofconcept exploit
No reports of active exploitation “¦ yet First seen on theregister.com Jump to article: www.theregister.com/2026/01/08/rcisco_ise_bug_poc/
-
Cisco ISE Flaw Lets Admins Access Restricted System Files
A Cisco ISE flaw lets authenticated admins access restricted system files, risking sensitive data exposure. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/cisco-ise-flaw-lets-admins-access-restricted-system-files/
-
Cisco ISE Vulnerability Enables Access to Sensitive Data
Cisco has disclosed a new XML External Entity (XXE) vulnerability in Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) that could allow authenticated attackers with administrative access to read sensitive data from the underlying operating system. The vulnerability is tracked as CVE-2026-20029 and is rated CVSS 4.9 (medium severity), but its…
-
Cisco Snort 3 Vulnerability Leading to Sensitive Data Disclosure
Cisco has disclosed two critical vulnerabilities in the Snort 3 detection engine affecting multiple enterprise security products, including firewalls, threat defense systems, and edge platforms. The vulnerabilities, tracked as CVE-2026-20026 and CVE-2026-20027 under advisory cisco-sa-snort3-dcerpc-vulns-J9HNF4tH, could allow unauthenticated remote attackers to leak sensitive information or cause denial-of-service conditions by disrupting packet inspection capabilities. The vulnerabilities…
-
Public PoC prompts Cisco patch for ISE, ISE-PIC vulnerability
Cisco addressed a medium-severity vulnerability in ISE and ISE-PIC after a public PoC exploit was disclosed. Cisco addressed a medium-severity vulnerability, tracked as CVE-2026-20029 (CVSS score: 4.9), in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) after a public PoC exploit was disclosed. The vulnerability resides in the licensing feature of Cisco ISE…
-
Cisco Snort 3 Security Flaws Threaten Network Inspection
Cisco Snort 3 flaws allow unauthenticated attacks that disrupt inspection or leak sensitive data. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/cisco-snort-3-security-flaws-threaten-network-inspection/
-
Cisco Patches ISE Security Vulnerability After Public PoC Exploit Release
Cisco has released updates to address a medium-severity security flaw in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) with a public proof-of-concept (PoC) exploit.The vulnerability, tracked as CVE-2026-20029 (CVSS score: 4.9), resides in the licensing feature and could allow an authenticated, remote attacker with administrative privileges to gain access to First seen…
-
Cisco warns of Identity Service Engine flaw with exploit code
Cisco has patched an ISE vulnerability with public proof-of-concept exploit code that can be abused by attackers with admin privileges. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisco-warns-of-identity-service-engine-flaw-with-exploit-code/
-
How Cisco Talos powers the solutions protecting your organization
What happens under the hood of Cisco’s security portfolio? Our reputation and detection services apply Talos’ real-time intelligence to detect and block threats. Here’s how. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/how-cisco-talos-powers-the-solutions-protecting-your-organization/
-
Why a Cisco-Axonius Deal Makes Sense, and Why It Might Not
Despite Cisco’s Cyber Struggles, the Perks of Offering Asset Management Are Clear Cisco is eyeing what would be its third-largest cybersecurity acquisition ever, Calcalist reported: a $2 billion buy of New York-based asset management vendor Axonius. The Israeli business publication said Sunday the two sides are in advanced negotiations. Axonius denied the Calcalist report. First…
-
Why a Cisco-Axonius Deal Makes Sense, and Why It Might Not
Despite Cisco’s Cyber Struggles, the Perks of Offering Asset Management Are Clear Cisco is eyeing what would be its third-largest cybersecurity acquisition ever, Calcalist reported: a $2 billion buy of New York-based asset management vendor Axonius. The Israeli business publication said Sunday the two sides are in advanced negotiations. Axonius denied the Calcalist report. First…
-
Cisco XDR in 30: Turning Security Signals Into Confident Action
How network-led Cisco XDR helps teams see threats clearly and respond faster First seen on theregister.com Jump to article: www.theregister.com/2026/01/02/cisco-xdr-in-30/
-
Agentic AI already hinting at cybersecurity’s pending identity crisis
Agentic AI’s identity crisis: Authentication and agentic experts interviewed, three of whom estimate that less than 5% of enterprises experimenting with autonomous agents have deployed agentic identity systems, say the reasons for this lack of security hardening are varied.First, many of these efforts are effectively shadow IT, where a line of business (LOB) executive has…
-
Week in review: Exploited zero-day in Cisco email security appliances, Kali Linux 2025.4 released
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: How researchers are teaching AI agents to ask for permission the right way … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/12/21/week-in-review-exploited-zero-day-in-cisco-email-security-appliances-kali-linux-2025-4-released/
-
Hackers Stole Millions of PornHub Users’ Data for Extortion
Plus: Cisco discloses a zero-day with no available patch, Venezuela accuses the US of a cyberattack, and more. First seen on wired.com Jump to article: www.wired.com/story/security-news-this-week-hackers-stole-millions-of-pornhub-users-data-for-extortion/
-
Hackers Stole Millions of PornHub Users’ Data for Extortion
Plus: Cisco discloses a zero-day with no available patch, Venezuela accuses the US of a cyberattack, and more. First seen on wired.com Jump to article: www.wired.com/story/security-news-this-week-hackers-stole-millions-of-pornhub-users-data-for-extortion/
-
Hundreds of Cisco customers are vulnerable to new Chinese hacking campaign, researchers say
Cisco warned that Chinese government hackers are exploiting a zero-day in some of its products. Researchers now say there are hundreds of vulnerable Cisco customers. First seen on techcrunch.com Jump to article: techcrunch.com/2025/12/19/hundreds-of-cisco-customers-are-vulnerable-to-new-chinese-hacking-campaign-researchers-say/
-
Cisco VPNs, Email Services Hit in Separate Threat Campaigns
The company suffered one sophisticated five-alarm campaign and one messy spray-and-pray attack, mere days apart. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/cisco-vpns-email-services-threat-campaigns
-
SentinelOne Hires Google, Cisco And Symantec Vet As New CTO
SentinelOne hires cybersecurity leader Jeff Reed as its new chief technology officer, who has experience working at Cisco, Google Cloud and Symantec. First seen on crn.com Jump to article: www.crn.com/news/cloud/2025/sentinelone-hires-google-cisco-and-symantec-vet-as-new-cto
-
Chinese Hackers Target Cisco’s Email Security Systems
The Chinese threat group, tracked as UAT-9686, has deployed a collection of custom-built hacking tools to maintain persistent access to compromised systems. The post Chinese Hackers Target Cisco’s Email Security Systems appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-cisco-email-security-breach/
-
Über deutsche IP-Adressen: Hacker attackieren massenhaft VPN-Zugänge
VPN-Zugänge von Cisco und Palo Alto Networks werden angegriffen. Die Attacken scheinen primär über einen deutschen Hoster zu laufen. First seen on golem.de Jump to article: www.golem.de/news/ueber-deutsche-ip-adressen-hacker-attackieren-massenhaft-vpn-zugaenge-2512-203459.html
-
Attackers bring their own passwords to Cisco and Palo Alto VPNs
Tags: authentication, cisco, credentials, data-breach, endpoint, infrastructure, login, malicious, mfa, password, threat, vpnBrute-forcing Cisco’s SSL VPN follows: Just a day after the GlobalProtect surge, the same actor infrastructure pivoted to Cisco’s SSL VPN endpoints, with the same TCP fingerprint and hosting provider IP space. GreyNoise saw the number of unique attacking IPs jump from a typical daily baseline of fewer than 200 to over 1200, signalling a…