Tag: cisco
-
6 hard-earned tips for leading through a cyberattack, from CSOs who’ve been there
Tags: attack, awareness, breach, business, cisco, ciso, control, cyber, cyberattack, cybersecurity, data, group, incident response, infosec, infrastructure, lessons-learned, military, open-source, phishing, phone, privacy, programming, ransomware, security-incident, service, skills, software, strategy, threat, training, updateDevelop muscle memory, and patience, through simulations: Authority under crisis is meaningless if you can’t establish followership. And this goes beyond the incident response team: CISOs must communicate with the entire organization, a commonly misunderstood imperative, says Pablo Riboldi, CISO of nearshore talent provider BairesDev.”I find that employee involvement tends to be overlooked during cyberattacks.…
-
CISA Warns of Cisco Smart Licensing Utility Credential Flaw Exploited in Attacks
Tags: advisory, attack, cisa, cisco, credentials, cve, cyber, cybersecurity, exploit, flaw, infrastructure, software, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has issued a security advisory warning organizations about a critical vulnerability in Cisco’s Smart Licensing Utility (SLU) software that has reportedly been exploited in cyberattacks. The vulnerability, assigned CVE-2024-20439, stems from a static credential issue that could leave affected systems open to remote exploitation with potentially devastating consequences.…
-
U.S. CISA adds Cisco Smart Licensing Utility flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco Smart Licensing Utility flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Cisco Smart Licensing Utility vulnerability, tracked as CVE-2024-20439, to its Known Exploited Vulnerabilities (KEV) catalog. Last week, Cisco disclosed two vulnerabilities in its Smart Licensing Utility: CVE-2024-20439,…
-
Russia-Linked Gamaredon Uses Troop-Related Lures to Deploy Remcos RAT in Ukraine
Entities in Ukraine have been targeted as part of a phishing campaign designed to distribute a remote access trojan called Remcos RAT.”The file names use Russian words related to the movement of troops in Ukraine as a lure,” Cisco Talos researcher Guilherme Venere said in a report published last week. “The PowerShell downloader contacts geo-fenced…
-
Gamaredon Hackers Weaponize LNK Files to Deliver Remcos Backdoor
Cisco Talos has uncovered an ongoing cyber campaign by the Gamaredon threat actor group, targeting Ukrainian users with malicious LNK files to deliver the Remcos backdoor. Active since at least November 2024, this campaign employs spear-phishing tactics, leveraging themes related to the Ukraine conflict to lure victims into executing the malicious files. The LNK files,…
-
Gamaredon campaign abuses LNK files to distribute Remcos backdoor
Cisco Talos is actively tracking an ongoing campaign, targeting users in Ukraine with malicious LNK files which run a PowerShell downloader since at least November 2024. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/gamaredon-campaign-distribute-remcos/
-
UAT-5918 ATP group targets critical Taiwan
Cisco Talos found UAT-5918, active since 2023, using web shells and open-source tools for persistence, info theft, and credential harvesting. Cisco Talos uncovered UAT-5918, an info-stealing threat actor active since 2023, using web shells and open-source tools for persistence and credential theft. The APT UAT-5918 targets Taiwan, exploiting N-day vulnerabilities in unpatched servers for long-term…
-
Chinese Hackers Exploit Unpatched Servers in Taiwan
UAT-5918 Breaches Taiwan’s Critical Sectors Using N-Day Flaws for Cyberespionage. Hackers with ties to China-based hacking groups including Volt Typhoon are breaching Taiwan’s critical infrastructure by exploiting unpatched web and application servers as entry points for a cyberespionage campaign. Cisco Talos threat hunters identified the new threat actor as UAT-5918. First seen on govinfosecurity.com Jump…
-
Active exploitation of Cisco Smart Licensing flaws underway
First seen on scworld.com Jump to article: www.scworld.com/brief/active-exploitation-of-cisco-smart-licensing-flaws-underway
-
Active Exploitation Of Cisco Smart Licensing Bugs Under Way
First seen on scworld.com Jump to article: www.scworld.com/brief/active-exploitation-of-cisco-smart-licensing-flaws-under-way
-
Cisco Smart Licensing Utility flaws actively exploited in the wild
Experts warn of the active exploitation of two recently patched security vulnerabilities affecting Cisco Smart Licensing Utility. Cisco disclosed two vulnerabilities in its Smart Licensing Utility: CVE-2024-20439, a static credential backdoor, and CVE-2024-20440, an information disclosure flaw. Attackers can exploit the backdoor to access sensitive log files. While no active exploitation was initially observed, the…
-
CVE-2024-20439: Critical Cisco Smart Licensing Flaws Exploited
Two Critical Vulnerabilities Expose Administrative Access Two now-patched but previously critical vulnerabilities in Cisco Smart Licensing Utility are being actively exploited in the wild, according to reports from the SANS Internet Storm Center. These flaws affect versions 2.0.0, 2.1.0, and… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/cve-2024-20439-cisco-smart-licensing-flaws/
-
Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility
Two now-patched security flaws impacting Cisco Smart Licensing Utility are seeing active exploitation attempts, according to SANS Internet Storm Center.The two critical-rated vulnerabilities in question are listed below – CVE-2024-20439 (CVSS score: 9.8) – The presence of an undocumented static user credential for an administrative account that an attacker could exploit to log in to…
-
Critical Cisco Smart Licensing Utility flaws now exploited in attacks
Attackers have started targeting Cisco Smart Licensing Utility (CSLU) instances unpatched against a vulnerability exposing a built-in backdoor admin account. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/critical-cisco-smart-licensing-utility-flaws-now-exploited-in-attacks/
-
Cisco Smart Licensing Utility flaws under attack
The SANS Internet Storm Center reported exploitation attempts against two critical vulnerabilities, which were initially disclosed in September. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisco-smart-licensing-utility-flaws-attacked/743064/
-
Taiwan critical infrastructure targeted by hackers with possible ties to Volt Typhoon
Researchers at Cisco Talos identified a hacking operation against Taiwan that appears to overlap with Chinese state-backed campaigns known as Volt Typhoon and Flax Typhoon. First seen on therecord.media Jump to article: therecord.media/taiwan-critical-infrastructure-hacking-uat-5918
-
Cisco Smart Licensing Utility Vulnerabilities Under Hacker Exploitation
Recent reports indicate that hackers are actively trying to exploit two critical vulnerabilities in the Cisco Smart Licensing Utility. These vulnerabilities, identified as CVE-2024-20439 and CVE-2024-20440, were disclosed by Cisco in September. The first vulnerability involves a static credential issue, while the second is an information disclosure vulnerability related to excessive logging. Overview of the…
-
Hackers Target Cisco Smart Licensing Utility Vulnerabilities
SANS is seeing attempts to exploit two critical Cisco Smart Licensing Utility vulnerabilities tracked as CVE-2024-20439 and CVE-2024-20440. The post Hackers Target Cisco Smart Licensing Utility Vulnerabilities appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/hackers-target-cisco-smart-licensing-utility-vulnerabilities/
-
Attackers use CSS to create evasive phishing messages
Threat actors exploit Cascading Style Sheets (CSS) to bypass spam filters and detection engines, and track users’ actions and preferences. Cisco Talos observed threat actors abusing Cascading Style Sheets (CSS) to evade detection and track user behavior, raising security and privacy concerns, including potential fingerprinting. Cascading Style Sheets (CSS) is a stylesheet language used to…
-
Cybercriminals Exploit CSS to Evade Spam Filters and Track Email Users’ Actions
Malicious actors are exploiting Cascading Style Sheets (CSS), which are used to style and format the layout of web pages, to bypass spam filters and track users’ actions.That’s according to new findings from Cisco Talos, which said such malicious activities can compromise a victim’s security and privacy.”The features available in CSS allow attackers and spammers…
-
Adobe Acrobat Vulnerabilities Enable Remote Code Execution
A recent disclosure by Cisco Talos’ Vulnerability Discovery & Research team highlighted several vulnerability issues in Adobe Acrobat. All of these vulnerabilities have been addressed by their respective vendors, aligning with Cisco’s third-party vulnerability disclosure policy. For detection of these vulnerabilities, users can utilize the latest Snort rule sets available from Snort.org and refer to…
-
Security Affairs newsletter Round 515 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. New MassJacker clipper targets pirated software seekers Cisco IOS XR flaw allows attackers to crash BGP process on…
-
Cisco IOS XR flaw allows attackers to crash BGP process on routers
Cisco addressed a denial of service (DoS) vulnerability that allows attackers to crash the Border Gateway Protocol (BGP) process on IOS XR routers. Cisco has addressed a denial of service (DoS) vulnerability, tracked as CVE-2025-20115, that could allow an unauthenticated, remote attacker to crash the Border Gateway Protocol (BGP) process on IOS XR routers by sending a single BGP…
-
Will Cisco’s Free Tech Training for 1.5M People Help Close EU’s Skills Gap?
Cisco’s training through its Networking Academy will help “build a resilient and skilled workforce ready to meet Europe’s digital transformation and AI objectives.” First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-cisco-skills-tech-training-european-union/
-
Cisco IOS XR vulnerability lets attackers crash BGP on routers
Cisco has patched a denial of service (DoS) vulnerability that lets attackers crash the Border Gateway Protocol (BGP) process on IOS XR routers with a single BGP update message. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisco-vulnerability-lets-attackers-crash-bgp-on-ios-xr-routers/
-
Tech giants seek data standards amid AI push
Microsoft, IBM and Cisco are among the vendors backing the OASIS Data Provenance Standards Technical Committee announced last week. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ai-data-quality-ibm-microsoft-red-hat-cisco/742581/
-
Tech industry alliance rallies around data quality
Microsoft, IBM and Cisco are among the vendors backing the OASIS Data Provenance Standards Technical Committee announced last week. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ai-data-quality-ibm-microsoft-red-hat-cisco/742581/
-
Cisco Warns of Critical IOS XR Vulnerability Enabling DoS Attacks
Cisco has issued a security advisory warning of a vulnerability in its IOS XR Software that could allow attackers to launch denial-of-service (DoS) attacks. The vulnerability, identified as CVE-2025-20115, affects the Border Gateway Protocol (BGP) confederation implementation. The CVE-2025-20115 vulnerability affects the Border Gateway Protocol (BGP) confederation implementation in Cisco IOS XR Software, potentially allowing…
-
Miniaudio and Adobe Acrobat Reader vulnerabilities
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed a Miniaudio and three Adobe vulnerabilities. The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to Cisco’s third-party vulnerability disclosure policy. For Snort coverage First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/miniaudio-and-adobe-acrobat-reader-vulnerabilities/