Tag: cisco
-
CISOs still cautious about adopting autonomous patch management solutions
Tags: automation, business, cisco, ciso, cloud, control, crowdstrike, cybersecurity, email, exploit, firmware, group, infosec, microsoft, open-source, regulation, risk, software, strategy, technology, update, vulnerability, windowsFailing to patch vulnerabilities keeps biting CISOs.The most recent evidence: Last month, the Five Eyes cybersecurity agencies in the US, the UK, Australia, Canada, and New Zealand reported that the top 15 vulnerabilities routinely exploited last year included one that dated back to 2020 (a Microsoft Netlogon hole); one that dated back to 2021 (in…
-
Hundred of CISCO switches impacted by bootloader flaw
A bootloader vulnerability in Cisco NX-OS affects 100+ switches, allowing attackers to bypass image signature checks. Cisco released security patches for a vulnerability, tracked as CVE-2024-20397 (CVSS score of 5.2), in the NX-OS software’s bootloader that could be exploited by attackers to bypass image signature verification. >>A vulnerability in the bootloader of Cisco NX-OS Software could…
-
Cisco and Rittal Asset Discovery Enhancement
Product Update: Version 4.7 Our latest software release delivers a major upgrade for Cisco and Rittal asset discovery. Enjoy improved detection and tracking of power data in Cisco switches and enhanced environmental sensor recognition in the Rittal CMC III system. Plus, the new version of our Hyperview Asset Tool (hvat) is now … First seen…
-
Bootloader Vulnerability Impacts Over 100 Cisco Switches
More than 100 Cisco products are affected by an NX-OS vulnerability that allows attackers to bypass image signature verification. The post Bootloader Vulnerability Impacts Over 100 Cisco Switches appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/bootloader-vulnerability-impacts-over-100-cisco-switches/
-
How AppOmni and Cisco Advance Zero Trust SaaS Security
Learn how AppOmni’s SSPM and Cisco’s SSE create a unified Zero Trust security solution, bridging SaaS and cloud service vulnerabilities to protect critical data. First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/12/how-appomni-and-cisco-advance-zero-trust-saas-security/
-
Security teams should act now to counter Chinese threat, says CISA
Tags: 5G, access, apple, at&t, attack, authentication, china, cisa, cisco, communications, control, cyber, cybersecurity, data, encryption, espionage, exploit, google, government, hacker, infrastructure, linux, microsoft, mitigation, mobile, monitoring, network, nist, password, risk, service, siem, technology, theft, threat, vpn, vulnerabilitySecurity teams and individuals across the US need to take immediate precautions to counter the surveillance threat posed by Chinese ‘Salt Typhoon’ hackers, who have burrowed deep into telecoms infrastructure, according to the US Cybersecurity and Infrastructure Security Agency (CISA).CISA issued an official alert recommending defensive measures on December 3, as federal officials briefed journalists…
-
CISA, FBI Issue Guidance for Securing Communications Infrastructure
The caution comes after Chinese-state-affiliated breaches of American telecommunication networks. Organizations with Cisco infrastructure should take particular note. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/communications-breach-cisa-fbi-security-guidance/
-
Cisco Urges Immediate Patch for Decade-Old WebVPN Vulnerability
The vulnerability was first identified in 2014. First seen on hackread.com Jump to article: hackread.com/cisco-patch-decade-old-webvpn-vulnerability/
-
Government Guidance on Chinese Telco Hacking Highlights Threat to Cisco Devices
Government agencies issue guidance on Chinese telecoms hacking as US officials say threat actors may have yet to be expelled. The post Government Guidance on Chinese Telco Hacking Highlights Threat to Cisco Devices appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/government-guidance-on-chinese-telco-hack-highlights-threat-to-cisco-devices/
-
The ASA flaw CVE-2014-2120 is being actively exploited in the wild
Cisco warns customers that a decade-old ASA vulnerability, tracked as CVE-2014-2120, is being actively exploited in the wild. Cisco warns that the decade-old ASA vulnerability CVE-2014-2120 is being actively exploited in attacks in the wild, and urges customers to review the updated advisory. The vulnerability resides in the WebVPN login page of Cisco Adaptive Security…
-
Decade-Old Cisco Vulnerability Under Active Exploit
Cisco encourages users to update to an unaffected version of its Adaptive Security Appliance (ASA) software since there are no workarounds for the 2014 vulnerability. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/decade-old-cisco-vulnerability-exploit
-
Cisco warns of continued exploitation of 10-year-old ASA bug
First seen on scworld.com Jump to article: www.scworld.com/news/cisco-warns-of-continued-exploitation-of-10-year-old-asa-bug
-
Cisco Warns of Exploitation of Decade-Old ASA WebVPN Vulnerability
Cisco on Monday updated an advisory to warn customers of active exploitation of a decade-old security flaw impacting its Adaptive Security Appliance (ASA).The vulnerability, tracked as CVE-2014-2120 (CVSS score: 4.3), concerns a case of insufficient input validation in ASA’s WebVPN login page that could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS)…
-
Cisco Warns of Attacks Exploiting Decade-Old ASA Vulnerability
Cisco has updated an advisory for CVE-2014-2120 to warn customers that the vulnerability has been exploited in the wild. The post Cisco Warns of Attacks Exploiting Decade-Old ASA Vulnerability appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/cisco-warns-of-attacks-exploiting-decade-old-asa-vulnerability/
-
NVIDIA shader outbounds and eleven LevelOne router vulnerabilities
Cisco Talos' Vulnerability Research team recently discovered five Nvidia out-of-bounds access vulnerabilities in shader processing, as well as el… First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/nvidia-shader-out-of-bounds-and-level1-2/
-
Threat actors use copyright infringement phishing lure to deploy infostealers
Cisco Talos has observed an unknown threat actor conducting a phishing campaign targeting Facebook business and advertising account users in Taiwan.&#… First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/threat-actors-use-copyright-infringement-phishing-lure-to-deploy-infostealers/
-
Wendy Nather on the ‘Topics That Are Distracting CISOs’
Wendy Nather, distinguished cybersecurity leader and director of strategic engagements at Cisco, talks to Lindsey O’Donnell-Welch, executive editor wi… First seen on duo.com Jump to article: duo.com/decipher/wendy-nather-on-the-topics-that-are-distracting-cisos
-
KI-gestützte Cybersicherheit – Logicalis bietet Cisco XDR als Managed Service an
First seen on security-insider.de Jump to article: www.security-insider.de/logicalis-bietet-cisco-xdr-als-managed-service-an-a-c1e55224bf4407e531a310ba7361988b/
-
Cisco confirms attackers stole data from DevHub environment
First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366613746/Cisco-confirms-attackers-stole-data-from-DevHub-environment
-
Emergency patch: Cisco fixes bug under exploit in brute-force attacks
First seen on theregister.com Jump to article: www.theregister.com/2024/10/24/cisco_bug_brute_force/
-
60% of Emails with QR Codes Classified as Spam or Malicious
60% of QR code emails are spam according findings from Cisco Talos, who also identified attackers using QR code art to bypass security filters First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/60-emails-qr-codes-spam-malicious/
-
Splunk accelerates Cisco’s security business as core networking sales decline
Security revenue doubled to $2 billion in Cisco’s recent quarter. Without Splunk’s contribution, its total revenue would have dropped 14%. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/splunk-growth-cisco-security/733196/
-
Cisco partners viewing AI as major revenue generator
First seen on computerweekly.com Jump to article: www.computerweekly.com/microscope/news/366614012/Cisco-partners-viewing-AI-as-major-revenue-generator
-
PXA Stealer: New Malware Targets Governments and Education Across Europe and Asia
Cisco Talos recently identified a sophisticated cyber campaign targeting sensitive information in government and educational sectors across Europe and Asia. Operated by a Vietnamese-speaking threat actor, this campaign leverages a... First seen on securityonline.info Jump to article: securityonline.info/pxa-stealer-new-malware-targets-governments-and-education-across-europe-and-asia/
-
Zero-Day Exploits Surge in 2023, Cisco, Fortinet Vulnerabilities Targeted
A report from the Five Eyes cybersecurity alliance, released by the CISA, highlights the majority of the most exploited vulnerabilities last year were initially zero-day flaws, a significant increase compared to 2022 when less than half of the top vulnerabilities were zero-day exploits. First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/11/zero-day-exploits-surge-in-2023-cisco-fortinet-vulnerabilities-targeted/
-
New PXA Stealer targets government and education sectors for sensitive information
Cisco Talos discovered a new information stealing campaign operated by a Vietnamese-speaking threat actor targeting government and education entities in Europe and Asia. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/new-pxa-stealer/
-
NFL and Cisco gain yardage with network and security partnership
Cisco scores contract extension with US sports body NFL to connect and protect 2024 roster of International Games in the UK, Germany, Brazil and Spain… First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366613533/NFL-and-Cisco-gain-yardage-with-network-and-security-partnership
-
Zero-days from top security vendors were most exploited CVEs in 2023
The top five vulnerabilities exploited by attackers last were found in security gear from Citrix, Cisco and Fortinet, the Five Eyes’ cyber agencies found. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/security-vendors-zero-days-top-cve-exploits/732814/