Tag: cisco
-
More victims of China’s Salt Typhoon crew emerge: Telcos, unis hit via Cisco bugs
Networks in US and beyond compromised by Beijing’s super-snoops. First seen on theregister.com Jump to article: www.theregister.com/2025/02/13/salt_typhoon_pwned_7_more/
-
Unpatched Cisco Devices Still Getting Popped by Salt Typhoon
Telecoms Still Falling to Chinese Nation-State Hacking Group, Researchers Warn. A Chinese cyber espionage group tracked as Salt Typhoon and tied to the mass hacking of telecommunications networks in the U.S. and dozens of other countries has been continuing to seek and hack unpatched equipment, including exploiting two long-patched vulnerabilities in Cisco gear. First seen…
-
Conscia expands UK presence as ITGL buys ISN
Tags: cisco
Danish player’s Portsmouth-based operation bolsters its position in the Cisco channel with M&A move. First seen on computerweekly.com Jump to article: www.computerweekly.com/microscope/news/366619292/Conscia-expands-UK-presence-as-ITGL-buys-ISN
-
China’s Salt Typhoon Spies Are Still Hacking Telecoms, Now by Exploiting Cisco Routers
Despite high-profile attention and even US sanctions, the group hasn’t stopped or even slowed its operation, including the breach of two more US telecoms. First seen on wired.com Jump to article: www.wired.com/story/chinas-salt-typhoon-spies-are-still-hacking-telecoms-now-by-exploiting-cisco-routers/
-
New malware variant ‘TorNet’ uses fake transfer confirmations
Researchers at Cisco Talos are warning of a new phishing campaign that targets users in Germany and Poland in order to distribute various types of malware, including a new backdoor called ‘TorNet’. The phishing emails pose as fake money transfer confirmations from financial institutions or fake order confirmations from manufacturing and logistics companies. ‘The phishing emails are mainly in Polish and German…
-
Cisco Says Ransomware Group’s Leak Related to Old Hack
A fresh post on the Kraken ransomware group’s leak website refers to data stolen in a 2022 cyberattack, Cisco says. The post Cisco Says Ransomware Group’s Leak Related to Old Hack appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/cisco-says-ransomware-groups-leak-related-to-old-hack/
-
Yup, AMD’s Elba and Giglio definitely sound like they work corporate security
Which is why Cisco is adding these Pensando DPUs to more switches First seen on theregister.com Jump to article: www.theregister.com/2025/02/11/cisco_amd_dpu/
-
Cisco Rejects Kraken Ransomware’s Data Breach Claims
Cisco denies recent data breach claims by the Kraken ransomware group, stating leaked credentials are from a resolved 2022 incident. Learn more about Cisco’s response and the details of the original attack. First seen on hackread.com Jump to article: hackread.com/cisco-rejects-kraken-ransomware-data-breach-claim/
-
Cisco Data Breach Ransomware Group Allegedly Breached Internal Network
Tags: breach, cisco, credentials, cyber, dark-web, data, data-breach, group, infrastructure, network, password, ransomware, windows
Sensitive credentials from Cisco’s internal network and domain infrastructure were reportedly made public due to a significant data breach. According to a Cyber Press Research report, the new Kraken ransomware group has allegedly leaked a dataset on their dark web blog, which appears to be a dump of hashed passwords from a Windows Active Directory…
-
Hackers deployed web shells, exploited public-facing applications in Q4
A Cisco Talos report also indicated a sharp increase in remote access tools being leveraged in ransomware. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/threat-actors-web-shells-exploit/739426/
-
Hackers deploy web shells, exploit public-facing applications
A Cisco Talos Q4 report also indicated a sharp increase in remote access tools being leveraged in ransomware. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/threat-actors-web-shells-exploit/739426/
-
Critical Cisco ISE bug can let attackers run commands as root
Cisco has fixed two critical Identity Services Engine (ISE) vulnerabilities that can let attackers with read-only admin privileges bypass authorization and run commands as root. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/critical-cisco-ise-bug-can-let-attackers-run-commands-as-root/
-
Cisco addressed two critical flaws in its Identity Services Engine (ISE)
Cisco addressed critical flaws in Identity Services Engine, preventing privilege escalation and system configuration changes. Cisco addressed multiple vulnerabilities, including two critical remote code execution flaws, tracked as CVE-2025-20124 (CVSS score of 9.9) and CVE-2025-20125 (CVSS score of 9.1), in Identity Services Engine (ISE). A remote attacker authenticated with read-only administrative privileges could exploit the…
-
Cisco plugs security holes in several products, including critical ones
Cisco has discovered security vulnerabilities in several products and warns about them in security advisories. Updates are available. First seen on heise.de Jump to article: www.heise.de/news/Cisco-stopft-Sicherheitsluecken-in-mehreren-Produkten-auch-kritische-10272291.html
-
Cisco Patches Critical Vulnerabilities in Enterprise Security Product
Critical vulnerabilities in Cisco Identity Services Engine could lead to elevation of privileges and system configuration modifications. The post Cisco Patches Critical Vulnerabilities in Enterprise Security Product appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/cisco-patches-critical-vulnerabilities-in-enterprise-management-product/
-
Google Cloud Platform Data Destruction via Cloud Build
A technical overview of Cisco Talos’ investigations into Google Cloud Platform Cloud Build, and the threat surface posed by the storage permission family. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/gcp-data-destruction-via-cloud-build/
-
Cisco Patches Critical Vulnerabilities in Enterprise Management Product
Critical vulnerabilities in Cisco Identity Services Engine could lead to elevation of privileges and system configuration modifications. The post Cisco Patches Critical Vulnerabilities in Enterprise Management Product appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/cisco-patches-critical-vulnerabilities-in-enterprise-management-product/
-
Malvertising: Cybercriminals clone TU Dresden website
The Malwarebytes threat intelligence team has discovered a malvertising campaign for the Cisco AnyConnect VPN client. Victims are directed to trustworthy sites but pick up a remote access trojan there. The TU Dresden website was apparently also cloned by the cybercriminals. Keyword cisco … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/02/06/malvertising-cyberkriminelle-klonen-website-der-tu-dresden/
-
Cisco Anyconnect: Hackers clone TU Dresden website and spread malware
Presumably Russian attackers tried to foist malware on Cisco Anyconnect users. A trick was meant to keep the scheme undetected. First seen on golem.de Jump to article: www.golem.de/news/cisco-anyconnect-hacker-klonen-webseite-der-tu-dresden-und-verbreiten-malware-2502-193091.html
-
Cisco IOS SNMP Vulnerabilities Allow Attackers to Launch DoS Attacks
Cisco has disclosed multiple vulnerabilities in its Simple Network Management Protocol (SNMP) subsystem affecting Cisco IOS, IOS XE, and IOS XR software. These flaws, identified as high-severity, could allow an authenticated remote attacker to trigger Denial-of-Service (DoS) conditions, disrupting network operations. Key Details According to the Cisco Security Advisory ID: cisco-sa-snmp-dos-sdxnSUcW, the vulnerabilities stem from improper…
-
Cisco Patches Critical ISE Vulnerabilities Enabling Root CmdExec and PrivEsc
Cisco has released updates to address two critical security flaws in Identity Services Engine (ISE) that could allow remote attackers to execute arbitrary commands and elevate privileges on susceptible devices. The vulnerabilities are listed below - CVE-2025-20124 (CVSS score: 9.9) – An insecure Java deserialization vulnerability in an API of Cisco ISE that could permit an authenticated, remote…
-
AI Defense – Cisco launches security platform for AI applications
First seen on security-insider.de Jump to article: www.security-insider.de/cisco-launcht-sicherheitsplattform-fuer-ki-anwendungen-a-ea07e2c81e6089eb2d460437cb5f6897/
-
CVSS Score 9.9 – Critical vulnerability in Cisco Meeting Management
First seen on security-insider.de Jump to article: www.security-insider.de/-sicherheitsluecke-cisco-meeting-management-a-79d4be5455d07c12bc63a0a670484619/
-
DeepSeek Compared to ChatGPT, Gemini in AI Jailbreak Test
DeepSeek’s susceptibility to jailbreaks has been compared by Cisco to other popular AI models, including from Meta, OpenAI and Google. The post DeepSeek Compared to ChatGPT, Gemini in AI Jailbreak Test appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/deepseek-compared-to-chatgpt-gemini-in-ai-jailbreak-test/
-
Cisco Finds DeepSeek R1 Highly Vulnerable to Harmful Prompts
DeepSeek R1, a cost-efficient AI model, achieves impressive reasoning but fails all safety tests in a new study… First seen on hackread.com Jump to article: hackread.com/cisco-finds-deepseek-r1-vulnerable-harmful-prompts/
-
Whatsup Gold, Observium and Offis vulnerabilities
Cisco Talos’ Vulnerability Research team recently disclosed three vulnerabilities in Observium, three vulnerabilities in Offis, and four vulnerabilities in Whatsup Gold. These vulnerabilities exist in Observium, a network observation and monitoring system; Offis DCMTK, a collection of libraries and applications implementing DICOM (Digital Imaging and Communications First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/whatsup-gold-observium-offis-vulnerabilities/
-
New phishing campaign targets users in Poland and Germany
An ongoing phishing campaign, presumably by an advanced persistent threat (APT) actor, is seen dropping a new backdoor on victim systems enabling stealthy C2 operations. The backdoor, which Cisco’s Talos Intelligence Unit is tracking as TorNet, was found connecting victim machines to the decentralized and anonymizing TOR network for C2 communications. “Cisco Talos discovered an ongoing malicious…
-
TorNet Backdoor Exploits Windows Scheduled Tasks to Deploy Malware
Cisco Talos researchers have identified an ongoing cyber campaign, active since mid-2024, deploying a previously undocumented backdoor known as TorNet.
-
New TorNet backdoor seen in widespread campaign
Cisco Talos discovered an ongoing malicious campaign operated by a financially motivated threat actor targeting users, predominantly in Poland and Germany. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/new-tornet-backdoor-campaign/

