Tag: cisco
-
Velociraptor leveraged in ransomware attacks
Cisco Talos has confirmed that ransomware operators are leveraging Velociraptor, an open-source digital forensics and incident response (DFIR) tool that had not previously been definitively tied to ransomware incidents. We assess with moderate confidence that this activity can be attributed to threat actor Storm-2603, based on overlapping tools First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/velociraptor-leveraged-in-ransomware-attacks/
-
AI Security Goes Mainstream as Vendors Spend Heavily on M&A
Platform Vendors Target Runtime Defense, Prompt Flow, Agent Identity and Output
As autonomous AI grows, so does the security risk. Prompt injection, identity control and AI observability are at the center of a dozen recent acquisitions, as vendors including Cisco, CrowdStrike, Palo Alto Networks and SentinelOne try to adapt to the autonomy and unpredictability of…
-
Salesforce AI agents set to assist enterprises with security and compliance
Tags: access, ai, cisco, cloud, compliance, crowdstrike, data, detection, finance, google, ibm, marketplace, strategy, threat, tool, vulnerability
Salesforce Agentforce: Agentforce is a relatively new platform but has already evolved at an extremely rapid pace. It was first unveiled in September 2024, became generally available the following month, added testing and agent lifecycle management tools in November, announced integration with Slack and other platforms in December, added autonomous agents that can take action…
-
Trinity of Chaos Leaks Data from 39 Companies, Google, Cisco Among Targets
A newly formed ransomware collective calling itself the Trinity of Chaos has published a data leak site (DLS) on the TOR network exposing the stolen records of 39 prominent corporations, including Google Adsense, CISCO, Toyota, FedEx and Disney/Hulu. The alliance comprises threat actors from Lapsus$, Scattered Spider and ShinyHunters, signaling a shift toward traditional ransomware…
-
Hackers Exploit CSS Properties to Conceal Malicious Code in Hidden Text Salting Attacks
In a sophisticated evolution of email-based attacks, adversaries have begun leveraging Cascading Style Sheets (CSS) to inject hidden “salt”, irrelevant content used to confuse detection systems, deep within HTML emails. Cisco Talos’s year-long monitoring (March 1, 2024 to July 31, 2025) reveals a marked increase in the abuse of CSS properties to conceal […] The post…
-
Cyber threat situation for SMEs is intensifying
Tags: ai, business, cisco, cyberattack, cybersecurity, extortion, germany, infrastructure, leak, phishing, ransomware, risk, vulnerability
SMEs are frequently the target of ransomware attacks. According to the Transferstelle Cybersicherheit im Mittelstand, cyberattacks on German companies that were published on leak sites more than quadrupled between 2021 and 2024. This makes Germany the sad frontrunner, followed by Italy, France and Spain. The figures from the Federal Criminal Police Office (BKA) also confirm this trend. The police crime statistics for 2024…
-
Week in review: Many Cisco ASA firewalls still unsecure, hackers claim Red Hat’s GitLab breach
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Keeping the internet afloat: How to protect the global cable network The … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/05/week-in-review-many-cisco-asa-firewalls-still-unsecure-hackers-claim-red-hats-gitlab-breach/
-
IIS Servers Compromised by Chinese Hackers for SEO Manipulation
Cisco Talos has revealed that UAT-8099, a Chinese-speaking cybercrime group, has been exploiting vulnerable Internet Information Services (IIS) servers across multiple countries to conduct search engine optimization (SEO) fraud and steal high-value data. Identified in April 2025, this group targets reputable IIS servers in India, Thailand, Vietnam, Canada, and Brazil, focusing on organizations such as…
-
UAT-8099: Chinese-speaking cybercrime group targets high-value IIS for SEO fraud
Cisco Talos is disclosing details on UAT-8099, a Chinese-speaking cybercrime group mainly involved in SEO fraud and theft of high-value credentials, configuration files, and certificate data. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/uat-8099-chinese-speaking-cybercrime-group-seo-fraud/
-
Nvidia and Adobe vulnerabilities
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed five vulnerabilities in Nvidia and one in Adobe Acrobat. The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to Cisco’s third-party vulnerability disclosure policy. For Snort First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/nvidia-and-adobe-vulnerabilities/
-
Warnings about Cisco vulns under active exploit are falling on deaf ears
50,000 firewall devices still exposed First seen on theregister.com Jump to article: www.theregister.com/2025/09/30/cisco_firewall_vulns/
-
Nearly 50,000 Cisco firewalls vulnerable to actively exploited flaws
Roughly 48,800 Cisco Adaptive Security Appliance (ASA) and Firewall Threat Defense (FTD) appliances exposed on the public web are vulnerable to two vulnerabilities actively leveraged by hackers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/nearly-50-000-cisco-firewalls-vulnerable-to-actively-exploited-flaws/
-
Cisco firewall flaws endanger nearly 50,000 devices worldwide
The U.S., the U.K. and Japan lead the list of the most vulnerable countries. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisco-firewall-vulnerabilities-shadowserver-initial-exposure/761490/
-
U.S. CISA adds Adminer, Cisco IOS, Fortra GoAnywhere MFT, Libraesva ESG, and Sudo flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Adminer, Cisco IOS, Fortra GoAnywhere MFT, Libraesva ESG, and Sudo flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Adminer, Cisco IOS, Fortra GoAnywhere MFT, Libraesva ESG, and Sudo flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions…
-
UK and US urge Cisco users to ditch end-of-life security appliances
An ongoing campaign of cyber attacks is targeting users of end-of-life Cisco security appliance kit First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366632046/UK-US-urge-Cisco-users-to-ditch-end-of-life-security-appliances
-
CISA warning: Two Cisco zero-days allow manipulation of HTTP(S) requests
First seen on security-insider.de Jump to article: www.security-insider.de/sicherheitsluecken-ios-ios-xe-asa-warnung-cisa-a-473aea43635fe9588f8547d70ebe1a6d/
-
UK, US urge Cisco users to ditch end-of-life security appliances
An ongoing campaign of cyber attacks is targeting users of end-of-life Cisco security appliance kit. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366632046/UK-US-urge-Cisco-users-to-ditch-end-of-life-security-appliances
-
CISA orders feds to patch Cisco flaws used in multiple agency hacks
One U.S. official called the ongoing cyberattack campaign “very sophisticated.” First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-emergency-directive-cisco-vulnerabilities-arcanedoor/761150/
-
⚡ Weekly Recap: Cisco 0-Day, Record DDoS, LockBit 5.0, BMC Bugs, ShadowV2 Botnet & More
Cybersecurity never stops, and neither do hackers. While you wrapped up last week, new attacks were already underway. From hidden software bugs to massive DDoS attacks and new ransomware tricks, this week’s roundup gives you the biggest security moves to know. Whether you’re protecting key systems or locking down cloud apps, these are the updates you…
-
Week in review: Cisco ASA zero-day vulnerabilities exploited, Fortra GoAnywhere instances at risk
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: How Juventus protects fans, revenue, and reputation during matchdays In this … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/28/week-in-review-cisco-asa-zero-day-vulnerabilities-exploited-fortra-goanywhere-instances-at-risk/
-
CISA Orders Urgent Patching of Cisco Firewall Zero-Day Vulnerabilities
CISA warns of active Cisco ASA exploits. Patch now to block remote code execution and privilege escalation risks. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/cisa-urgent-patch-cisco-firewall/
-
This Time, I Had Something Special to Offer
The call came from a Fortune 20 customer yesterday morning. “Hey, Vinay, we’re getting flooded with noise about these two new Cisco ASA/FTD vulnerabilities that CISA posted the emergency advisory on. We are seeing a ton of inconsistent information, would like something to put it together for an exec view. Some enterprises are shutting down…

