Tag: cisco
-
Feds Fumble Cisco Patches as China-Linked Hackers Strike
CISA Says Agencies Believed They Patched Cisco Flaws But Had Not. The U.S. cyber defense agency issued new patch guidance after discovering multiple federal agencies failed to properly secure Cisco firewalls, leaving federal networks exposed to exploitation by a suspected Chinese threat actor despite a prior emergency directive. First seen on govinfosecurity.com Jump to article:…
-
CISA warns federal agencies to patch flawed Cisco firewalls amid ‘active exploitation’ across the US government
The federal cybersecurity agency said some government departments had been actively exploited after failing to properly patch their systems. First seen on techcrunch.com Jump to article: techcrunch.com/2025/11/13/cisa-warns-federal-agencies-to-patch-flawed-cisco-firewalls-amid-active-exploitation-across-the-us-government/
-
>>Patched<< but still exposed: US federal agencies must remediate Cisco flaws (again)
CISA has ordered US federal agencies to fully address two actively exploited vulnerabilities (CVE-2025-20333, CVE-2025-20362) in Cisco Adaptive Security Appliances (ASA) and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/13/cisa-directive-cve-2025-20333-cve-2025-20362/
-
>>Patched<< but still exposed: US federal agencies must remediate Cisco flaws (again)
CISA has ordered US federal agencies to fully address two actively exploited vulnerabilities (CVE-2025-20333, CVE-2025-20362) in Cisco Adaptive Security Appliances (ASA) and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/13/cisa-directive-cve-2025-20333-cve-2025-20362/
-
Zero-day exploits hit Cisco ISE and Citrix systems in an advanced campaign
Tags: access, attack, authentication, cisco, citrix, credentials, defense, encryption, endpoint, exploit, identity, infrastructure, monitoring, network, risk, service, tactics, threat, update, zero-daypatch-gap exploitation technique is a hallmark of sophisticated threat actors who closely monitor security updates and quickly weaponize vulnerabilities.”Amazon did not immediately respond to CSO’s queries on why it’s sharing information about the zero-day exploits months after.After gaining access, the actor deployed a tailor-made web shell disguised as the “IdentityAuditAction” component of Cisco ISE. It…
-
CISA warns feds to fully patch actively exploited Cisco flaws
CISA warned federal agencies to fully patch two actively exploited vulnerabilities in Cisco Adaptive Security Appliances (ASA) and Firepower devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-warns-feds-to-fully-patch-actively-exploited-cisco-flaws/
-
Unleashing the Kraken ransomware group
In August 2025, Cisco Talos observed big-game hunting and double extortion attacks carried out by Kraken, a Russian-speaking group that has emerged from the remnants of the HelloKitty ransomware cartel. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/kraken-ransomware-group/
-
ThreatsDay Bulletin: Cisco 0-Days, AI Bug Bounties, Crypto Heists, State-Linked Leaks and 20 More Stories
Behind every click, there’s a risk waiting to be tested. A simple ad, email, or link can now hide something dangerous. Hackers are getting smarter, using new tools to sneak past filters and turn trusted systems against us.But security teams are fighting back. They’re building faster defenses, better ways to spot attacks, and stronger systems…
-
Amazon alerts: advanced threat actor exploits Cisco ISE Citrix NetScaler zero-days
Amazon warns that an advanced threat actor exploited zero-days in Cisco ISE and Citrix NetScaler to deploy custom malware. Amazon’s threat intelligence researchers spotted an advanced threat actor exploiting two previously undisclosed zero-day flaws in Cisco Identity Service Engine (ISE) and Citrix NetScaler ADC to deliver custom malware. Attackers also exploited multiple undisclosed vulnerabilities. Amazon’s…
-
Zero-Day Vulnerabilities in Cisco and Citrix Targeted by APT Group, Amazon Confirms
Amazon’s threat intelligence division has revealed a cyber-espionage campaign involving an advanced persistent threat (APT) group exploiting previously undisclosed zero-day vulnerabilities in systems from Cisco and Citrix. The investigation showed that the attackers specifically targeted critical identity and network access control infrastructure; components of enterprises rely on managing authentication and enforcing security policies across their networks. First…
-
Zero-Day Vulnerabilities in Cisco and Citrix Targeted by APT Group, Amazon Confirms
Amazon’s threat intelligence division has revealed a cyber-espionage campaign involving an advanced persistent threat (APT) group exploiting previously undisclosed zero-day vulnerabilities in systems from Cisco and Citrix. The investigation showed that the attackers specifically targeted critical identity and network access control infrastructure; components of enterprises rely on managing authentication and enforcing security policies across their networks. First…
-
‘CitrixBleed 2’ Wreaks Havoc as Zero-Day Bug
The same APT hammered critical bugs in Citrix NetScaler (CVE-2025-5777) and the Cisco Identity Service Engine (CVE-2025-20337) in a sign of growing adversary interest in identity and access management systems. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/citrixbleed-2-cisco-zero-day-bugs
-
Federal agencies not fully patching vulnerable Cisco devices amid ‘active exploitation,’ CISA warns
Federal civilian agencies are not patching vulnerable Cisco devices sufficiently to protect themselves from an active hacking campaign, the Cybersecurity and Infrastructure Security Agency warned. First seen on therecord.media Jump to article: therecord.media/federal-cisco-patches-warning
-
Federal agencies not fully patching vulnerable Cisco devices amid ‘active exploitation,’ CISA warns
Federal civilian agencies are not patching vulnerable Cisco devices sufficiently to protect themselves from an active hacking campaign, the Cybersecurity and Infrastructure Security Agency warned. First seen on therecord.media Jump to article: therecord.media/federal-cisco-patches-warning
-
‘Advanced’ hacker seen exploiting Cisco, Citrix zero-days
The hackers notably used custom malware and were exploiting CVE-2025-5777, now known colloquially as “Citrix Bleed Two”, before it was disclosed publicly in July. First seen on therecord.media Jump to article: therecord.media/advanced-hacker-exploiting-cisco-citrix-zero-days-amazon
-
Amazon pins Cisco, Citrix zero-day attacks to APT group
The vendors disclosed and patched the defects last summer, but not before advanced attackers exploited the vulnerabilities to likely gain prolonged access for espionage, according to Amazon. First seen on cyberscoop.com Jump to article: cyberscoop.com/amazon-threat-intel-apt-group-cisco-citrix-zero-days/
-
Amazon pins Cisco, Citrix zero-day attacks to APT group
The vendors disclosed and patched the defects last summer, but not before advanced attackers exploited the vulnerabilities to likely gain prolonged access for espionage, according to Amazon. First seen on cyberscoop.com Jump to article: cyberscoop.com/amazon-threat-intel-apt-group-cisco-citrix-zero-days/
-
Cisco Finds Open-Weight AI Models Easy to Exploit in Long Chats
Cisco’s new research shows that open-weight AI models, while driving innovation, face serious security risks as multi-turn attacks, including conversational persistence, can bypass safeguards and expose data. First seen on hackread.com Jump to article: hackread.com/cisco-open-weight-ai-models-long-chat-exploit/
-
Cisco Finds Open-Weight AI Models Easy to Exploit in Long Chats
Cisco’s new research shows that open-weight AI models, while driving innovation, face serious security risks as multi-turn attacks, including conversational persistence, can bypass safeguards and expose data. First seen on hackread.com Jump to article: hackread.com/cisco-open-weight-ai-models-long-chat-exploit/
-
Cisco ASA und FTD akut gefährdet – Angreifer provozieren Neustarts ungepatchter Cisco-Firewalls
First seen on security-insider.de Jump to article: www.security-insider.de/cisco-systeme-angriffsvariante-cve-2025-20333-cve-2025-20362-a-00964e1ef07f585bc9b7789a690e6a7e/
-
Cisco detects new attack variant targeting vulnerable firewalls
Hackers may be able to overload unpatched devices, the company said. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisco-firewall-attack-variant-arcanedoor/805116/
-
Cisco detects new attack variant targeting vulnerable firewalls
Hackers may be able to overload unpatched devices, the company said. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisco-firewall-attack-variant-arcanedoor/805116/
-
Week in review: Cisco fixes critical UCCX flaws, November 2025 Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Securing real-time payments without slowing them down In this Help Net … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/09/week-in-review-cisco-fixes-critical-uccx-flaws-november-2025-patch-tuesday-forecast/
-
Cisco Warns of Active Exploitation of ASA and FTD 0-Day Vulnerability
Cisco warns that hackers are actively exploiting a 0-day flaw in its firewall software, putting unpatched systems at risk of full compromise. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/cisco-warns-of-active-exploitation-of-asa-and-ftd-0-day-vulnerability/
-
Cisco ISE Bug Exposes Networks to Remote Restart Attacks
A critical flaw in Cisco ISE allows remote attackers to trigger system restarts, disrupting authentication and exposing networks to denial-of-service attacks. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/cisco-ise-bug-exposes-networks-to-remote-restart-attacks/