Tag: cisco
-
IoT under siege: The return of the Mirai-based Gayfemboy Botnet
Mirai-based Gayfemboy botnet resurfaces, evolving to target systems worldwide; Fortinet researchers provided details about the new campaign. FortiGuard Labs researchers tracked a new Gayfemboy botnet campaign, the malware exploits known flaws in DrayTek, TP-Link, Raisecom, and Cisco, showing evolved tactics and renewed activity. The Gayfemboy botnet was first identified in February 2024, it borrows the…
-
Cybersecurity Snapshot: Industrial Systems in Crosshairs of Russian Hackers, FBI Warns, as MITRE Updates List of Top Hardware Weaknesses
Tags: access, ai, attack, automation, cisa, cisco, cloud, conference, control, credentials, cve, cyber, cybersecurity, data, data-breach, deep-fake, detection, docker, espionage, exploit, flaw, framework, fraud, google, government, group, guide, hacker, hacking, Hardware, identity, infrastructure, intelligence, Internet, iot, LLM, microsoft, mitigation, mitre, mobile, network, nist, risk, russia, scam, service, side-channel, software, strategy, switch, technology, threat, tool, update, vulnerability, vulnerability-management, windowsCheck out the FBI’s alert on Russia-backed hackers infiltrating critical infrastructure networks via an old Cisco bug. Plus, MITRE dropped a revamped list of the most important critical security flaws. Meanwhile, NIST rolled out a battle plan against face-morphing deepfakes. And get the latest on the CIS Benchmarks and on vulnerability prioritization strategies! Here are…
-
Remote Code Execution – Cisco Firewalls bedroht durch CVSS-10-Schwachstelle
First seen on security-insider.de Jump to article: www.security-insider.de/kritische-sicherheitsluecke-im-cisco-secure-firewall-management-center-a-ea347b0f1acc3e110b1da23c7ee3ff70/
-
Moscow exploiting seven-year-old Cisco flaw, says FBI
US authorities warn of an uptick in state-sponsored exploitation of a seven-year-old vulnerability in Cisco’s operating system software. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366629846/Moscow-exploiting-seven-year-old-Cisco-flaw-says-FBI
-
Moscow exploiting seven-year-old Cisco flaw, says FBI
US authorities warn of an uptick in state-sponsored exploitation of a seven-year-old vulnerability in Cisco’s operating system software. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366629846/Moscow-exploiting-seven-year-old-Cisco-flaw-says-FBI
-
FBI, Cisco warn of Russia-linked hackers targeting critical infrastructure organizations
The intrusions have exploited a vulnerability in Cisco’s networking equipment software. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/russia-hacking-cisco-switches-fbi-warning/758206/
-
FBI, Cisco warn of Russia-linked hackers targeting critical infrastructure organizations
The intrusions have exploited a vulnerability in Cisco’s networking equipment software. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/russia-hacking-cisco-switches-fbi-warning/758206/
-
Russian Hackers Hitting Critical Infrastructure, FBI Warns
Tags: cisco, cyberespionage, espionage, exploit, government, group, hacker, infrastructure, intelligence, russia, vulnerabilityState-Sponsored Espionage Group Tied to Exploits of No-Longer-Supported Cisco Gear. Russian intelligence hackers are using obsolete and unpatched equipment made by networking mainstay Cisco Systems to further stealthy and ongoing cyberespionage operations, the U.S. federal government warned Wednesday. Hackers exploit a vulnerability in the Smart Install feature of Cisco devices. First seen on govinfosecurity.com Jump…
-
Russian threat actors using old Cisco bug to target critical infrastructure orgs
A threat group linked to the Russian Federal Security Service’s (FSB) Center 16 unit has been compromising unpatched and end-of-life Cisco networking devices via an old … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/21/cve-2018-0171-cisco-cyber-espionage/
-
Russian Espionage Group Static Tundra Targets Legacy Cisco Flaw
Russian state-backed hackers are exploiting a seven-year-old Cisco Smart Install vulnerability (CVE-2018-0171) in end-of-life devices, prompting warnings from the FBI and Cisco Talos First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/russian-espionage-group-targets/
-
Russian hackers exploit old Cisco flaw to target global enterprise networks
Six-year-old vulnerability still wreaking havoc: At the heart of this campaign lies CVE-2018-0171, a critical vulnerability that affected Cisco IOS software’s Smart Install feature and allowed unauthenticated remote attackers to execute arbitrary code or trigger denial-of-service conditions.Despite Cisco patching the flaw in 2018, Static Tundra continued exploiting unpatched devices, particularly those that reached end-of-life status,…
-
FBI warns of Russian hackers exploiting 7-year-old Cisco flaw
The Federal Bureau of Investigation (FBI) has warned that hackers linked to Russia’s Federal Security Service (FSB) are targeting critical infrastructure organizations in attacks exploiting a 7-year-old vulnerability in Cisco devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fbi-warns-of-russian-hackers-exploiting-cisco-flaw-in-critical-infrastructure-attacks/
-
Russian Hackers Exploit 7-Year-Old Cisco Flaw to Steal Industrial System Configs
Static Tundra, a Russian state-sponsored threat actor connected to the FSB’s Center 16 unit, has been responsible for a sustained cyber espionage effort, according to information released by Cisco Talos. Operating for over a decade, this group specializes in compromising network devices to facilitate long-term intelligence gathering, with a focus on extracting configuration data from…
-
FBI: Russia-linked group Static Tundra exploit old Cisco flaw for espionage
FBI warns FSB-linked group Static Tundra is exploiting a 7-year-old Cisco IOS/IOS XE flaw to gain persistent access for cyber espionage. The FBI warns that Russia-linked threat actor Static Tundra exploits Simple Network Management Protocol (SNMP) and end-of-life networking devices running an unpatched vulnerability (CVE-2018-0171) in Cisco Smart Install (SMI) to target organizations in the…
-
A Decade of Espionage: How a Russian APT Exploited Cisco Devices (CVE-2018-0171) for Years
The post A Decade of Espionage: How a Russian APT Exploited Cisco Devices (CVE-2018-0171) for Years appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/a-decade-of-espionage-how-a-russian-apt-exploited-cisco-devices-cve-2018-0171-for-years/
-
FBI, Cisco Warn of Russian Attacks on 7-Year-Old Flaw
In the past year, Static Tundra, aka Energetic Bear, has breached thousands of end-of-life Cisco devices unpatched against a 2018 flaw, in a campaign targeting enterprises and critical infrastructure. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/fbi-cisco-warn-russian-attacks-7-year-old-flaw
-
Russian State Hackers Exploit 7-Year-Old Cisco Router Vulnerability
FBI and Cisco warn Russian hackers are exploiting a 7-year-old Cisco Smart Install vulnerability on outdated routers and… First seen on hackread.com Jump to article: hackread.com/russian-state-hackers-exploit-cisco-router-vulnerability/
-
Russian state cyber group Static Tundra exploiting Cisco devices, FBI warns
A Russian cyber-espionage group is increasingly targeting unpatched Cisco networking devices through a vulnerability first discovered in 2018, the FBI warned. First seen on therecord.media Jump to article: therecord.media/russia-cisco-fsb-static-tundra
-
FBI: Russian spies exploiting a 7-year-old Cisco bug to slurp configs from critical infrastructure
Snarfing up config files for ‘thousands’ of devices”¦just for giggles, we’re sure First seen on theregister.com Jump to article: www.theregister.com/2025/08/20/russian_fsb_cyberspies_exploiting_cisco_bug/
-
FBI Warns FSB-Linked Hackers Exploiting Unpatched Cisco Devices for Cyber Espionage
A Russian state-sponsored cyber espionage group known as Static Tundra has been observed actively exploiting a seven-year-old security flaw in Cisco IOS and Cisco IOS XE software as a means to establish persistent access to target networks.Cisco Talos, which disclosed details of the activity, said the attacks single out organizations in telecommunications, higher education and…
-
Ransomware Attacks in Japan Surge by 1.4 Times, Signaling a Significant Increase in Cyber Threats
Japan saw a significant increase in ransomware attacks in the first half of 2025, with incidences increasing by about 1.4 times over the same period the year before. According to a detailed investigation by Cisco Talos, 68 ransomware cases targeted Japanese organizations, including domestic firms and their overseas branches, from January to June 2025. This…
-
Russian state-sponsored espionage group Static Tundra compromises unpatched end-of-life network devices
A Russian state-sponsored group, Static Tundra, is exploiting an old Cisco IOS vulnerability to compromise unpatched network devices worldwide, targeting key sectors for intelligence gathering. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/static-tundra/
-
Russian state-sponsored espionage group Static Tundra compromises unpatched end-of-life network devices
A Russian state-sponsored group, Static Tundra, is exploiting an old Cisco IOS vulnerability to compromise unpatched network devices worldwide, targeting key sectors for intelligence gathering. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/static-tundra/
-
Surge in Scans From Hacked Cisco, Linksys, and Araknis Routers
Cybersecurity researchers have identified a significant increase in malicious scanning activities originating from compromised consumer and enterprise networking equipment, with particular focus on Cisco, Linksys, and Araknis router models. The Shadowserver Foundation, a prominent threat intelligence organization, has reported observing unusual scanning patterns that suggest widespread compromise of these networking devices. Security analysts are tracking…
-
Surge in Scans From Hacked Cisco, Linksys, and Araknis Routers
Cybersecurity researchers have identified a significant increase in malicious scanning activities originating from compromised consumer and enterprise networking equipment, with particular focus on Cisco, Linksys, and Araknis router models. The Shadowserver Foundation, a prominent threat intelligence organization, has reported observing unusual scanning patterns that suggest widespread compromise of these networking devices. Security analysts are tracking…
-
JJ Cummings: The art of controlling information
Get an inside look at how JJ Cummings helped build and lead one of Cisco Talos’ most impactful security teams, and discover what drives him to stay at the forefront of threat intelligence. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/jj-cummings-the-art-of-controlling-information/
-
Hackers Exploit Cisco Secure Links to Evade Scanners and Bypass Filters
Tags: attack, cisco, credentials, cyber, cybercrime, detection, email, exploit, hacker, infrastructure, network, phishingCybercriminals have discovered a sophisticated new attack vector that weaponizes Cisco’s security infrastructure against users, according to recent research from Raven AI. The company’s context-aware detection systems uncovered a credential phishing campaign that exploits Cisco Safe Links to evade traditional email security scanners and bypass network filters, highlighting a dangerous trend of attackers turning trusted…
-
Cisco Patches Maximum-Severity Firewall Flaw
Cisco Secure Firewall Management Centers Connected to RADIUS Left Vulnerable. Networking equipment giant Cisco warned firewall customers to patch after discovering a maximum-severity vulnerability that could allow unauthenticated hackers to commandeer the server. The flaw rates a maximum score of 10 on the CVSS system. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/cisco-patches-maximum-severity-firewall-flaw-a-29250
-
Chinese APT Group Targets Web Hosting Services in Taiwan
Cisco Talos observed the newly identified group compromise a Taiwanese web hosting provider to conduct a range of malicious activities First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chinese-apt-web-hosting-taiwan/