October 17, 2024 at 07:53AM Cisco has issued patches for various vulnerabilities in ATA 190 series firmware, including two high-severity issues. This action addresses security concerns to enhance the protection of the devices. The updates were reported by SecurityWeek. **Meeting Takeaways:** 1. **Cisco Vulnerabilities Addressed**: Cisco has released patches for multiple vulnerabilities in the ATA … Read more
September 26, 2024 at 11:13AM Cisco Talos disclosed critical and high-severity vulnerabilities in OpenPLC, an open source programmable logic controller designed for industrial automation and research. These can be exploited for DoS attacks and remote code execution using specially crafted EtherNet/IP requests. The vulnerabilities were patched on September 17, and users are advised to update … Read more
September 12, 2024 at 07:47AM Cisco announced patches for eight vulnerabilities in the IOS XR network operating system, including fixes for six high-severity bugs. The most severe flaws allow privilege escalation and remote DoS attacks. Two high-severity flaws affecting the Routed Passive Optical Network (PON) controller software could be exploited for command injection. Cisco plans … Read more
September 6, 2024 at 04:06PM Russia-based attackers injected data-stealing JavaScript into Cisco’s online store, exploiting an Adobe Magento flaw. Cisco has fixed the issue and addressed the security concern, assuring that only a limited number of users were affected and no credentials were compromised. The attackers exploited a critical vulnerability, and the malicious JS code … Read more
September 5, 2024 at 08:55AM Cisco announced patches for multiple vulnerabilities, including two critical flaws in Smart Licensing Utility and a medium-severity Identity Services Engine flaw, with existing proof-of-concept code. The Smart Licensing bugs could allow remote unauthenticated access or logins, and Cisco advises migrating to version 2.3.0. Additionally, patches were announced for other high … Read more
August 22, 2024 at 02:36AM Cisco has expressed strong concerns about the United Nations’ first-ever cyber crime convention, calling it dangerously flawed and overly broad. According to Cisco, the convention, driven by Russia, could pose risks to basic human rights and the rule of law, and is not aligned with the values of free speech … Read more
May 3, 2024 at 09:10AM The cyberespionage campaign ArcaneDoor, targeting government networks with hacked Cisco firewalls, is likely operated by a Chinese state-sponsored threat actor. Exploiting two zero-day vulnerabilities, the attackers used custom malware to execute commands and exfiltrate data. Censys research supports the connection to China, citing IP addresses and the presence of Chinese-developed … Read more
April 19, 2024 at 03:26PM HelloKitty ransomware was rebranded as HelloGookie by its operator ‘Gookee/kapuchin0.’ Celebrating this rebrand, the threat actor released private decryption keys and leaked passwords and sensitive information from previous attacks on CD Projekt and Cisco. The group is now actively developing from the leaked source code. Whether HelloGookie will reach HelloKitty’s … Read more
April 17, 2024 at 01:28PM Cisco has issued patches for a high-severity vulnerability in its Integrated Management Controller (IMC), allowing local attackers to escalate privileges to root using crafted CLI commands. The flaw, tracked as CVE-2024-20295, affects various Cisco devices and has a public exploit code available. Cisco has also observed recent zero-day attacks on … Read more
April 15, 2024 at 03:30PM Cisco warned that a cyberattack on an unnamed telephony supplier compromised Duo MFA SMS message logs, potentially exposing phone numbers, carriers, and metadata. The breach could facilitate phishing and social engineering attacks. The attacker used an employee’s credentials obtained through a phishing attack to access the provider’s systems. Stolen logs … Read more