Tag: cisco
-
Cisco set to release home-brew hypervisor as a VMware alternative
Only for its own comms apps whose users can probably do without a full private cloud. First seen on theregister.com Jump to article: www.theregister.com/2026/02/16/cisco_nfvis_for_uc_hypervisor/
-
10 years later, Bangladesh Bank cyberheist still offers cyber-resiliency lessons
Tags: access, ai, application-security, attack, automation, backdoor, banking, ceo, cisco, ciso, compliance, control, credentials, crypto, cyber, cybercrime, cybersecurity, data-breach, defense, detection, endpoint, exploit, finance, fintech, firewall, framework, infrastructure, intelligence, international, malware, monitoring, network, north-korea, oracle, password, risk, service, software, theft, threat, tool, vulnerability
Security shortcomings: Adrian Cheek, senior cybercrime researcher at threat exposure management firm Flare, said the Bangladesh Bank heist was possible because of a number of security shortcomings, including a failure to air gap critical infrastructure. “The Bank of Bangladesh had four servers and the same number of desktops connected to SWIFT,” Cheek says. “This infrastructure, however,…
-
New threat actor UAT-9921 deploys VoidLink against enterprise sectors
A new threat actor, UAT-9921, uses the modular VoidLink framework to target technology and financial organizations, Cisco Talos reports. Cisco Talos spotted a previously unknown threat actor, tracked as UAT-9921, using a new modular attack framework called VoidLink. The group targets organizations in the technology and financial services sectors. The flexible design of VoidLink suggests…
-
UAT-9921 Deploys VoidLink Malware to Target Technology and Financial Sectors
A previously unknown threat actor tracked as UAT-9921 has been observed leveraging a new modular framework called VoidLink in its campaigns targeting the technology and financial services sectors, according to findings from Cisco Talos. “This threat actor seems to have been active since 2019, although they have not necessarily used VoidLink over the duration of their…
-
Cybersecurity: Security technology comes to Telekom shops
First seen on security-insider.de Jump to article: www.security-insider.de/cisco-sicherheitstechnologie-kommt-in-die-telekom-shops-a-489f590138f95f503a055a0ace5510bc/
-
Ryan Liles, master of technical diplomacy
Ryan Liles reveals how he bridges the gap between Cisco’s product teams and third-party testing labs, mastering the art of technical diplomacy while driving industry standards forward and keeping the internet’s defenders ahead of the game. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/ryan-liles-master-of-technical-diplomacy/
-
The Security Interviews: Mick Baccio, Splunk
Mick Baccio, global security advisor at Splunk SURGe and Cisco Foundation AI, reveals how the experience of running cyber on a dime for a US presidential campaign has informed how he does security, and why the basics still matter. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366638842/The-Security-Interviews-Mick-Baccio-Splunk
-
China-Linked DKnife Spyware Hijacking Internet Routers Since 2019
Cisco Talos uncovers DKnife, a China-nexus framework targeting routers and edge devices. Learn how seven stealthy implants hijack data and deliver malware via AitM attacks. First seen on hackread.com Jump to article: hackread.com/china-dknife-spyware-hijack-internet-routers-2019/
-
DKnife toolkit abuses routers to spy and deliver malware since 2019
DKnife is a Linux toolkit used since 2019 to hijack router traffic and deliver malware in cyber-espionage attacks. Cisco Talos found DKnife, a powerful Linux toolkit that threat actors use to spy on and control network traffic through routers and edge devices. It inspects and alters data in transit and installs malware on PCs, phones,…
-
AI security worries stall enterprise production deployments
From Big Tech executives at Cisco’s AI Summit this week to market research, the industry is waking up to a major hindrance in enterprise AI adoption. First seen on techtarget.com Jump to article: www.techtarget.com/searchitoperations/news/366638794/AI-security-worries-stall-enterprise-production-deployments
-
Knife Cutting the Edge: Disclosing a China-nexus gateway-monitoring AitM framework
Cisco Talos uncovered “DKnife,” a fully featured gateway-monitoring and adversary-in-the-middle (AitM) framework comprising seven Linux-based implants. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/knife-cutting-the-edge/
-
Cisco Warns of Meeting Management Flaw Enabling Arbitrary File Upload by Remote Attackers
Cisco has released a security advisory detailing a high-severity vulnerability in Cisco Meeting Management (CMM). The flaw, caused by improper input validation, allows authenticated remote attackers to upload arbitrary files and potentially execute commands with root privileges. The vulnerability is located within the Certificate Management feature of the CMM web-based management interface. It has been assigned a CVSS…
-
Think agentic AI is hard to secure today? Just wait a few months
Cost effective fix: Do nothing: Kodezi’s Khan offers an interesting fix for that foundational problem: Don’t even try. He argues it’s a money pit that will never be fully resolved. Instead, he suggests pouring resources into creating a strict identity strategy for every NHI going forward. “Aim for containment rather than for perfection. You can’t really govern…
-
Cisco sees vulnerability exploitation top phishing in Q4
The company’s recommendations included monitoring for abuses of multifactor authentication, a growing threat to the enterprise. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisco-threat-report-exploitation-phishing/810977/
-
China-Linked UAT-8099 Targets IIS Servers in Asia with BadIIS SEO Malware
Cybersecurity researchers have discovered a new campaign attributed to a China-linked threat actor known as UAT-8099 that took place between late 2025 and early 2026. The activity, discovered by Cisco Talos, has targeted vulnerable Internet Information Services (IIS) servers located across Asia, but with a specific focus on targets in Thailand and Vietnam. The scale of…
-
EU’s answer to CVE solves dependency issue, adds fragmentation risks
Tags: access, ai, china, cisco, cve, cyber, cybersecurity, data, dos, exploit, finance, governance, grc, infrastructure, intelligence, international, nvd, open-source, risk, service, software, threat, tool, vulnerability, vulnerability-management
Coordinated disclosure: Nik Kale, principal engineer and product architect at Cisco Systems, says GCVE’s main challenge comes from building a platform that the security community can rely on for coordinated disclosure and remediation. “Viability depends far more on governance than on the data itself,” Kale says. “That includes clear attribution rules, transparent CNA processes, predictable decision-making,…
-
Dissecting UAT-8099: New persistence mechanisms and regional focus
Cisco Talos has identified a new, regionally targeted campaign by UAT-8099 that leverages advanced persistence techniques and custom BadIIS malware variants to compromise IIS servers, particularly in Thailand and Vietnam. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/uat-8099-new-persistence-mechanisms-and-regional-focus/
-
Unified Communications and Webex affected – security vulnerability allows root access to Cisco systems
First seen on security-insider.de Jump to article: www.security-insider.de/cisco-unified-communications-sicherheitsluecke-a-c0d567bf3e84de1ecae7eaa115e39339/
-
SolarWinds, again: Critical RCE bugs reopen old wounds for enterprise security teams
Tags: access, attack, authentication, awareness, breach, cisco, control, credentials, cve, cybersecurity, data, exploit, flaw, fortinet, infrastructure, malicious, programming, radius, rce, remote-code-execution, software, threat, update, vulnerability
Remote code execution and data deserialization vulnerabilities CVE-2025-40551 (critical) and CVE-2025-40553 (critical); Authentication and bypass security flaws CVE-2025-40552 (critical), CVE-2025-40554 (critical), CVE-2025-40536 (high), and CVE-2025-40537 (high). CVE-2025-40551 and CVE-2025-40553 make WHD susceptible to untrusted data deserialization that could allow attackers to run commands on the host machine. The flaw could be exploited without authentication. The other two critical…
-
Privacy Is Fueling the CIO’s AI Agenda
Cisco Research Shows How AI Is Reshaping Data Privacy and Governance. Enterprise data privacy and governance are undergoing fundamental shifts as the promised speed and efficiency of artificial intelligence come crashing into the realities of data risk and regulatory uncertainty. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/privacy-fueling-cios-ai-agenda-a-30610
-
AI’s appetite for data is testing enterprise guardrails
Privacy programs are taking on more operational responsibility across the enterprise. A new Cisco global benchmark study shows expanding mandates, rising investment, and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/27/cisco-ai-expands-privacy-programs/
-
Week in review: Fully patched FortiGate firewalls are getting compromised, attackers probe Cisco RCE flaw
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Review: AI Strategy and Security AI Strategy and Security is a guide for … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/25/week-in-review-fully-patched-fortigate-firewalls-are-getting-compromised-attackers-probe-cisco-rce-flaw/
-
Exploited Zero-Day Flaw in Cisco UC Could Affect Millions
Mass scanning is underway for CVE-2026-20045, which Cisco tagged as critical because successful exploitation could lead to a complete system takeover. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/exploited-zero-day-flaw-cisco-uc-affect-millions
-
Zero-Day Flaw in Cisco Unified Communications Being Targeted
Vendor Ships Emergency Fixes, Warning Flaw Facilitates Full System Compromise. Attackers are targeting a zero-day vulnerability in Cisco’s Unified Communications and Webex products that facilitates remote code execution and root-level access to the underlying operating system, risking full system compromise. Cisco has released patches, warning that no workarounds exist. First seen on govinfosecurity.com Jump to…
-
Cisco Unified CM Zero-Day RCE Under Attack, CISA Issues Warning
Tags: attack, cisa, cisco, communications, cve, cyber, exploit, flaw, kev, rce, remote-code-execution, service, vulnerability, zero-day
CISA has added CVE-2026-20045, a critical zero-day remote code execution (RCE) vulnerability in Cisco Unified Communications Manager (Unified CM), to its Known Exploited Vulnerabilities (KEV) catalog. Added on January 21, 2026, this flaw affects multiple Cisco Unified Communications products, including Unified CM, Unified CM Session Management Edition (SME), Unified CM IM & Presence Service, Cisco…
-
Foxit, Epic Games Store, MedDreams vulnerabilities
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed three vulnerabilities in Foxit PDF Editor, one in the Epic Games Store, and twenty-one in MedDream PACS. The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to Cisco’s third-party vulnerability First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/foxi-and-epic-games/
-
Patch urgently: Hackers attack Cisco tools via zero-day vulnerability
Admins should act quickly. A dangerous security vulnerability exists in several Cisco products. The first attacks have already been observed. First seen on golem.de Jump to article: www.golem.de/news/unified-cm-und-mehr-hacker-attackieren-cisco-systeme-ueber-zero-day-luecke-2601-204499.html
-
Unified CM and more: Hackers attack Cisco systems via zero-day vulnerability
Admins should act quickly. A dangerous security vulnerability exists in several Cisco products. The first attacks have already been observed. First seen on golem.de Jump to article: www.golem.de/news/unified-cm-und-mehr-hacker-attackieren-cisco-systeme-ueber-zero-day-luecke-2601-204499.html

