Tag: cisco

Vulnerability Recap 7/8/24 Intel, Cisco More Face Risks

Jul 22, 2024 9:39 PM

Tags: cisco, risk, vulnerability

First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/vulnerability-recap-july-8-2024/
Cisco fixes critical flaws in Secure Email Gateway and SSM On-Prem (CVE-2024-20401, CVE-2024-20419)

Jul 22, 2024 5:39 AM

Tags: cisco, cve, email, flaw, vulnerability

Cisco has fixed two critical vulnerabilities that may allow attackers to overwrite files on its Secure Email Gateways (CVE-2024-20401) and change the … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/07/18/cve-2024-20401-cve-2024-20419/
Critical Cisco bug lets hackers add root users on SEG devices

Jul 22, 2024 2:39 AM

Tags: cisco, email, hacker, vulnerability

Cisco has fixed a critical severity vulnerability that lets attackers add new users with root privileges and permanently crash Security Email Gateway … First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/critical-cisco-bug-lets-hackers-add-root-users-on-seg-devices/
VMware, SolarWinds Vulnerabilities Exploited, and Cisco Warns of Critical ‘10.0’ Flaw

Jul 21, 2024 9:39 PM

Tags: cisco, exploit, flaw, vmware, vulnerability

First seen on scmagazine.com Jump to article: www.scmagazine.com/news/vmware-adobe-bugs-under-active-attack-flaw-rates-10-0-critical
A critical flaw in Cisco SSM On-Prem allows attackers to change any user’s password

Jul 21, 2024 2:39 PM

Tags: cisco, flaw, password, software, threat, vulnerability

A vulnerability in Cisco Smart Software Manager On-Prem (Cisco SSM On-Prem) license servers allows threat actors to change any user’s password. Cisco … First seen on securityaffairs.com Jump to article: securityaffairs.com/165848/security/critical-flaw-cisco-ssm-on-prem.html
Maximum severity Cisco SSM On-Prem vulnerability addressed

Jul 20, 2024 9:39 PM

Tags: cisco, vulnerability

First seen on scmagazine.com Jump to article: www.scmagazine.com/brief/maximum-severity-cisco-ssm-on-prem-vulnerability-addressed
VMware, Adobe bugs exploited in active attacks as Cisco warns of critical ‘10.0’ flaw

Jul 20, 2024 9:39 PM

Tags: adobe, attack, cisco, exploit, flaw, vmware

First seen on scmagazine.com Jump to article: www.scmagazine.com/news/cybersecurity-teams-advised-to-look-out-for-critical-adobe-cisco-bugs
Cisco Issues Patch for Maximum Severity SSM On-Prem Vulnerability

Jul 20, 2024 9:39 PM

Tags: cisco, update, vulnerability

First seen on scmagazine.com Jump to article: www.scmagazine.com/brief/cisco-issues-patch-for-maximum-severity-ssm-on-prem-vulnerability
Cisco SSM On-Prem bug lets hackers change any user’s password

Jul 19, 2024 6:56 PM

Tags: cisco, hacker, password, software, vulnerability

Cisco has fixed a maximum severity vulnerability that allows attackers to change any user’s password on vulnerable Cisco Smart Software Manager On-Pre… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisco-ssm-on-prem-bug-lets-hackers-change-any-users-password/
Cisco Patches Critical Vulnerabilities in Secure Email Gateway, SSM

Jul 18, 2024 8:10 PM

Tags: cisco, email, software, vulnerability

Cisco has released patches for critical vulnerabilities in Secure Email Gateway and Smart Software Manager On-Prem. The post Cisco Patches Critical Vu… First seen on securityweek.com Jump to article: www.securityweek.com/cisco-patches-critical-vulnerabilities-in-secure-email-gateway-ssm/
Cisco Talos: Top Ransomware TTPs Exposed

Jul 17, 2024 12:55 PM

Tags: attack, cisco, data-breach, group, ransomware

Cisco Talos observed the TTPs used by 14 of the most prevalent ransomware groups based on their volume of attack, impact to customers and atypical beh… First seen on techrepublic.com Jump to article: www.techrepublic.com/article/cisco-talos-ransomware-ttps/
Cisco Talos: How Threat Actors Target MFA

Jul 16, 2024 9:53 PM

Tags: cisco, incident response, mfa, threat

According to the latest Cisco Talos Incident Response Quarterly Trends report, instances related to MFA were involved in some capacity in half of all … First seen on duo.com Jump to article: duo.com/decipher/cisco-talos-how-threat-actors-target-mfa
Velvet Ant Exploits Cisco Zero-Day Flaw

Jul 16, 2024 5:55 PM

Tags: china, cisco, cyber, cybersecurity, espionage, exploit, flaw, group, zero-day

Recent events in the cybersecurity landscape have brought to light the activities of a China-nexus cyber espionage group known as Velvet Ant. The thre… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/velvet-ant-exploits-cisco-zero-day-flaw/
Cisco warns of appliances vulnerable to RegreSSHion vulnerability

Jul 12, 2024 9:55 PM

Tags: cisco, vulnerability

First seen on scmagazine.com Jump to article: www.scmagazine.com/news/cisco-warns-of-appliances-vulnerable-to-regresshion-vulnerability
Schwachstelle in NX-OS: Hacker attackieren Cisco-Switches seit Monaten

Jul 12, 2024 1:57 PM

Tags: cisco, hacker, vulnerability

Durch eine Schwachstelle können Angreifer auf anfälligen Cisco-Geräten Befehle als Root ausführen. Mindestens eine Hackergruppe macht davon schon eine… First seen on golem.de Jump to article: www.golem.de/news/schwachstelle-in-nx-os-hacker-attackieren-cisco-switches-seit-monaten-2407-186673.html
Chinese Hackers Exploiting Cisco Switches Zero-Day to Deliver Malware

Jul 12, 2024 1:56 PM

Tags: china, cisco, cyber, espionage, exploit, flaw, group, hacker, malware, software, zero-day

A China-nexus cyber espionage group named Velvet Ant has been observed exploiting a zero-day flaw in Cisco NX-OS Software used in its switches to deli… First seen on thehackernews.com Jump to article: thehackernews.com/2024/07/chinese-hackers-exploiting-cisco.html
Cisco Warns regreSSHion Vulnerability Impacts Multiple Products

Jul 12, 2024 10:56 AM

Tags: cisco, vulnerability

First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cisco-regresshion-vulnerability/
CVE-2024-20337 Allows Unauthorized Access to VPN Sessions

Jul 10, 2024 9:08 PM

Tags: access, cisco, cve, flaw, unauthorized, vpn, vulnerability

Cisco unveiled patches aimed at rectifying a high-severity security flaw discovered within its Secure Client software. This vulnerability, identified … First seen on sensorstechforum.com Jump to article: sensorstechforum.com/cve-2024-20337-cisco-secure-client/
Operation Celestial Force employs mobile and desktop malware to target Indian entities

Jul 10, 2024 9:06 PM

Tags: cisco, india, malware, mobile

Cisco Talos is disclosing a new malware campaign called Operation Celestial Force running since at least 2018. It is still active today, employing the… First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/cosmic-leopard/
Espionage Threat Actor Hits Multiple Government Entities

Jul 10, 2024 8:06 PM

Tags: china, cisco, espionage, government, threat

Cisco Talos researchers have linked known Gh0stRAT campaigns targeting public and private sector entities to a Chinese-speaking threat actor called Sn… First seen on duo.com Jump to article: duo.com/decipher/espionage-threat-actor-hits-multiple-government-entities
Patch Now: Cisco Zero-Day Under Fire From Chinese APT

Jul 10, 2024 4:08 PM

Tags: apt, china, cisco, exploit, software, threat, update, vulnerability, zero-day

Threat actor Velvet Ant has been exploiting a vulnerability in Cisco’s NX-OS Software for managing a variety of switches, executing commands and dropp… First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/patch-now-cisco-zero-day-chinese-apt
CISA adds Cisco NX-OS Command Injection bug to its Known Exploited Vulnerabilities catalog

Jul 10, 2024 3:08 PM

Tags: cisa, cisco, cybersecurity, exploit, infrastructure, injection, kev, vulnerability

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco NX-OS Command Injection bug to its Known Exploited Vulnerabilities catalog. Th… First seen on securityaffairs.com Jump to article: securityaffairs.com/165415/security/cisa-adds-cisco-nx-os-command-injection-bug-known-exploited-vulnerabilities-catalog.html
New banking trojan CarnavalHeist targets Brazil with overlay attacks

Jul 9, 2024 7:06 PM

Tags: attack, banking, cisco

Since February 2024, Cisco Talos has been observing an active campaign targeting Brazilian users with a new banking trojan called CarnavalHeist. Many … First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/new-banking-trojan-carnavalheist-targets-brazil/
Cisco Patches Zero-Day Bug Used by Chinese Velvet Ant Group

Jul 8, 2024 11:31 AM

Tags: china, cisco, group, zero-day

First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cisco-patches-zeroday-bug-chinese/
Cisco NX-OS: Update gegen seit April angegriffene Sicherheitslücke

Jul 8, 2024 7:31 AM

Tags: bug, cisco, update

First seen on heise.de Jump to article: www.heise.de/news/Cisco-NX-OS-Luecke-wird-angegriffen-Update-verfuegbar-9787532.html
Novel Cisco NX-OS zero-day leveraged by Chinese hackers

Jul 4, 2024 8:47 PM

Tags: china, cisco, hacker, zero-day

First seen on scmagazine.com Jump to article: www.scmagazine.com/brief/novel-cisco-nx-os-zero-day-leveraged-by-chinese-hackers
Cisco patches zero-day in NX-OS Nexus switch software

Jul 4, 2024 8:47 PM

Tags: cisco, software, switch, zero-day

First seen on scmagazine.com Jump to article: www.scmagazine.com/news/cisco-patches-medium-severity-zero-day-in-its-nx-os-nexus-switch-software
China-linked APT exploited Cisco NX-OS zero-day to deploy custom malware

Jul 4, 2024 11:47 AM

Tags: apt, china, cisco, exploit, flaw, malware, vulnerability, zero-day

Cisco fixed an actively exploited NX-OS zero-day, the flaw was exploited to install previously unknown malware as root on vulnerable switches. Cisco a… First seen on securityaffairs.com Jump to article: securityaffairs.com/165097/apt/cisco-nx-os-zero-day-chinese-hackers.html
Cisco Patches an Exploited Zero-Day Vulnerability

Jul 3, 2024 9:47 PM

Tags: china, cisco, exploit, hacker, vulnerability, zero-day

China-Nexus Hackers Velvet Ant Exploited the Bug in April, Cisco and Sygnia Say. Cisco on Monday patched a zero-day vulnerability discovered months ag… First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/cisco-patches-exploited-zero-day-vulnerability-a-25682
Cisco warns of NX-OS zero-day exploited to deploy custom malware

Jul 3, 2024 5:47 PM

Tags: cisco, exploit, malware, zero-day

First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisco-warns-of-nx-os-zero-day-exploited-to-deploy-custom-malware/