Tag: cisco
-
New Rootkit Campaign Exploits Cisco SNMP Flaw to Gain Persistence
Trend Micro have reported a campaign exploiting a flaw in Cisco SNMP to install Linux rootkits on devices. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/rootkit-campaign-exploits-cisco/
-
North Korean Hackers Deploy BeaverTail-OtterCookie Combo for Keylogging Attacks
Researchers at Cisco Talos have uncovered a sophisticated campaign by the Famous Chollima subgroup of Lazarus, wherein attackers deploy blended JavaScript tools, BeaverTail and OtterCookie, to carry out stealthy keylogging, screenshot capture, and data exfiltration. This cluster of activity, part of the broader “Contagious Interview” operation, has evolved significantly since first noted, blurring lines between…
-
Critical insights Q&A: AcceleTrex pilots a trust-first, privacy-led model to reinforce business outcomes
I’ve been writing about data trust and privacy engineering for more than a decade. Related: Preserving privacy can be profitable. In 2015, I sat down with Cisco’s privacy lead, Michelle Dennedy, who argued that privacy must be grounded in… (more…) First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/critical-insights-qa-acceletrex-pilots-a-trust-first-privacy-led-model-to-reinforce-business-outcomes/
-
Senator presses Cisco over firewall flaws that burned US agency
Bill Cassidy letter asks if Switchzilla sat on critical flaws before feds were forced into emergency patching. First seen on theregister.com Jump to article: www.theregister.com/2025/10/16/cisco_senate_scrutiny/
-
Hackers Deploy Linux Rootkits via Cisco SNMP Flaw in ‘Zero Disco’ Attacks
Cybersecurity researchers have disclosed details of a new campaign that exploited a recently disclosed security flaw impacting Cisco IOS Software and IOS XE Software to deploy Linux rootkits on older, unprotected systems. The activity, codenamed Operation Zero Disco by Trend Micro, involves the weaponization of CVE-2025-20352 (CVSS score: 7.7), a stack overflow vulnerability in the Simple…
-
BeaverTail and OtterCookie evolve with a new Javascript module
Cisco Talos has uncovered a new attack linked to Famous Chollima, a threat group aligned with North Korea (DPRK). First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/beavertail-and-ottercookie/
-
Cisco SNMP Vulnerability Actively Exploited to Install Linux Rootkits
Cybersecurity researchers at Trend Micro have discovered an active attack campaign dubbed “Operation Zero Disco”
-
Cisco must share more information about effects of severe bugs on businesses, senator says
Cisco still has work to do in communicating with the private sector about the impact of two vulnerabilities in its Adaptive Security Appliances, Sen. Bill Cassidy says in a letter to the company’s CEO. First seen on therecord.media Jump to article: therecord.media/cisco-asa-vulnerabilities-sen-bill-cassidy-questions
-
Open PLC and Planet vulnerabilities
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed one vulnerability in the OpenPLC logic controller and four vulnerabilities in the Planet WGR-500 router. For Snort coverage that can detect the exploitation of these vulnerabilities, download the latest rule sets from Snort.org, and our latest Vulnerability First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/open-plc-and-planet-vulnerabilities/
-
PolarEdge C2 Communication via Custom Binary Protocol with Custom TLS Server
In early 2025, security researchers unveiled a sophisticated botnet implant named PolarEdge, which relies on a bespoke TLS server and a proprietary binary protocol to carry out unauthenticated command-and-control operations. PolarEdge first emerged in January 2025 when honeypots monitoring Cisco routers captured suspicious traffic exploiting CVE-2023-20118. Attackers used a crafted HTTP request with the User-Agent…
-
What to look for in a data protection platform for hybrid clouds
Tags: access, advisory, ai, attack, automation, backup, breach, business, cisco, cloud, compliance, computing, control, corporate, data, defense, encryption, endpoint, framework, gartner, google, governance, government, group, guide, ibm, identity, infrastructure, intelligence, Internet, iot, kubernetes, law, malware, metric, microsoft, monitoring, network, oracle, privacy, ransomware, regulation, risk, risk-assessment, saas, service, software, technology, threat, tool, veeam, vmware, vulnerability, zero-trust. In this buyer’s guide: Data protection for hybrid clouds explained; Why hybrid clouds need data protection; What to look for in a data protection platform for hybrid clouds; Major trends in data protection for hybrid clouds; Leading vendors for data protection of hybrid clouds; What to ask before buying data protection for hybrid…
-
New Rust-Based Malware “ChaosBot” Uses Discord Channels to Control Victims’ PCs
Cybersecurity researchers have disclosed details of a new Rust-based backdoor called ChaosBot that can allow operators to conduct reconnaissance and execute arbitrary commands on compromised hosts. “Threat actors leveraged compromised credentials that mapped to both Cisco VPN and an over-privileged Active Directory account named, ‘serviceaccount,’” eSentire said in a technical report published First seen on thehackernews.com…
-
Cisco’s new router unites disparate datacenters into AI training behemoths
With enough routers, Switchzilla says it can link bit barns 1,000 km apart and scale fabrics beyond 3 exabits per second. First seen on theregister.com Jump to article: www.theregister.com/2025/10/08/cisco_multi_datacenter/
-
Report for Q2 2025: Cisco warns of phishing by colleagues
First seen on security-insider.de Jump to article: www.security-insider.de/cisco-talos-report-phishing-attacken-kollegen-konten-a-182ef6c18d3f61c59a94721e7fc48604/
-
Threat Actors Exploit DFIR Tool Velociraptor in Ransomware Attacks
Tags: access, attack, cisco, cyber, exploit, incident response, open-source, ransomware, software, threat, tool. Cisco Talos has confirmed that ransomware operators are now leveraging Velociraptor, an open-source digital forensics and incident response (DFIR) tool, to gain stealthy, persistent access and deploy multiple ransomware variants against enterprise environments. This marks the first definitive linkage between Velociraptor and ransomware operations, underscoring a shift in how threat actors incorporate legitimate security software…
-
Velociraptor leveraged in ransomware attacks
Cisco Talos has confirmed that ransomware operators are leveraging Velociraptor, an open-source digital forensics and incident response (DFIR) tool that had not previously been definitively tied to ransomware incidents. We assess with moderate confidence that this activity can be attributed to threat actor Storm-2603, based on overlapping tools First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/velociraptor-leveraged-in-ransomware-attacks/
-
AI Security Goes Mainstream as Vendors Spend Heavily on M&A
Platform Vendors Target Runtime Defense, Prompt Flow, Agent Identity and Output. As autonomous AI grows, so does the security risk. Prompt injection, identity control and AI observability are at the center of a dozen recent acquisitions, as vendors including Cisco, CrowdStrike, Palo Alto Networks and SentinelOne try to adapt to the autonomy and unpredictability of…
-
Salesforce AI agents set to assist enterprises with security and compliance
Tags: access, ai, cisco, cloud, compliance, crowdstrike, data, detection, finance, google, ibm, marketplace, strategy, threat, tool, vulnerability. Salesforce Agentforce: Agentforce is a relatively new platform but has already evolved at an extremely rapid pace. It was first unveiled in September 2024, became generally available the following month, added testing and agent lifecycle management tools in November, announced integration with Slack and other platforms in December, added autonomous agents that can take action…

