Cisco Releases Security Advisories for Multiple Products

Cisco has released nine security advisories addressing multiple vulnerabilities, including one critical and two high severity advisories affecting Cisco Identity Services Engine (ISE), Cisco NX-OS, Cisco Expressway, Cisco IOS, Cisco IOS XE, Cisco IOS XR, Secure Email and Web Manager, Read More …

Cisco Releases Security Advisories for Multiple Products

Cisco has released 15 security advisories addressing multiple vulnerabilities, including one critical and two high severity vulnerabilities affecting various products. The critical vulnerability affects Cisco Unified Industrial Wireless Software for Ultra-Reliable Wireless Backhaul Access Point, a software that uses wireless Read More …

Governments issue alerts after ‘sophisticated’ state-backed actor found exploiting flaws in Cisco security boxes

A previously unknown and “sophisticated” nation-state group compromised Cisco firewalls as early as November 2023 for espionage purposes — and possibly attacked network devices made by other vendors including Microsoft, according to warnings from the networking giant and three Western Read More …

#StopRansomware: Akira Ransomware summary

Since March 2023, Akira ransomware has impacted a wide range of businesses and critical infrastructure entities in North America, Europe, and Australia. In April 2023, following an initial focus on Windows systems, Akira threat actors deployed a Linux variant targeting Read More …

Cisco Duo says a third-party data breach stole MFA SMS logs

Cisco Duo has confirmed some sensitive customer data was stolen after a third-party cyber-incident. In a breach notification letter sent to affected customers, Cisco Duo said that its telephony provider, which it didn’t name, was compromised on April 1 2024. Read More …

Cisco aids Ukraine in cyber defense with modified switches to counter Russian attacks

Cisco has proactively shipped modified switches to Ukrenergo, the state-owned electricity grid operator in Ukraine, to bolster its defenses against Russian cyberattacks targeting energy infrastructure. These attacks have included the use of GPS-jamming tactics, which disrupt the high-voltage energy subsystems Read More …

Cisco discloses XSS zero-day flaw in server management tool

Cisco disclosed today a zero-day vulnerability in the company’s Prime Collaboration Deployment (PCD) software that can be exploited for cross-site scripting attacks. This server management utility enables admins to perform migration or upgrade tasks on servers in their organization’s inventory. Read More …

Cisco discloses high-severity IP phone bug with exploit code

Cisco has disclosed today a high-severity vulnerability affecting the latest generation of its IP phones and exposing them to remote code execution and denial of service (DoS) attacks. The company warned on Thursday that its Product Security Incident Response Team Read More …