Cisco warns of NX-OS zero-day exploited to deploy custom malware

July 1, 2024 at 01:48PM Cisco patched an NX-OS zero-day vulnerability used in April attacks to install new malware on susceptible switches. Sygnia attributed the attacks to a Chinese state-sponsored group called Velvet Ant. The exploit allowed the threat actors to gain access, upload files, and execute malicious code. Cisco advises monitoring and changing administrative …

Cisco Says PoC Exploit Available for Newly Patched IMC Vulnerability

April 18, 2024 at 08:45AM Cisco released patches for a high-severity IMC vulnerability (CVE-2024-20295, CVSS 8.8) allowing local attackers to inject commands and gain root privileges. Another flaw (CVE-2024-20356) could let remote attackers gain root privileges. A medium-severity bug (CVE-2024-20373) in IOS and IOS XE software was also fixed. Users are urged to update their …

Cisco Unveils AI-Native Enterprise Security Solution Hypershield

April 18, 2024 at 05:45AM Cisco introduced Hypershield, an AI-native and cloud-native enterprise security solution designed for applications, devices, and data across various environments. Key features include distributed exploit protection, autonomous segmentation, and dual dataplane technology to address software upgrade disruptions. The solution leverages the Tesseract Security Agent and VM/container-based network enforcement points, with a …

Cisco creates architecture to improve security and sell you new switches

April 18, 2024 at 03:11AM Cisco has developed Hypershield, a new approach to network security. It introduces “enforcement points” – tiny firewalls deployed on servers or in data processing units. These points are informed about observed applications and potential threats, allowing for proactive actions such as patching or creating new network segments. Hypershield will debut …

Cisco warns of password-spraying attacks targeting VPN services

March 28, 2024 at 12:38PM Cisco has released recommendations to address password-spraying attacks targeting Remote Access VPN services on Cisco Secure Firewall devices, which are believed to be part of reconnaissance activity. The company suggests indicators of compromise for detection and blocking, such as abnormal authentication requests and inability to establish VPN connections. Security researcher …

Cisco Patches High-Severity IOS RX Vulnerabilities 

March 14, 2024 at 09:15AM Cisco announced patches for multiple high-severity vulnerabilities in IOS XR software, addressing DoS and privilege elevation risks. Vulnerabilities include flaws in SSH, line cards with Layer 2 services, and PPPoE termination in ASR 9000 series routers. The fixes are part of the March 2024 IOS XR security advisories bundle, also …

Cisco Releases Open Source Backplane Traffic Visibility Tool for OT 

March 6, 2024 at 10:39AM Cisco introduced an open source tool to enhance visibility into backplane traffic in industrial settings, resolving issues with monitoring and security. The tool, named Badgerboard, focuses on Schneider Electric’s Modicon M580 PLCs and X80 backplane. Cisco aims to encourage customers to demand more comprehensive monitoring solutions and urges PLC vendors …

Cisco Patches High-Severity Vulnerabilities in Data Center OS

February 29, 2024 at 07:57AM Cisco released its semiannual FXOS and NX-OS security advisory bundle, which includes info on four vulnerabilities. Two high-severity flaws impact NX-OS software: CVE-2024-20321 allows remote attackers to perform a DoS attack, while CVE-2024-20267 could cause a DoS condition. Medium-severity flaws in FXOS and NX-OS software were also patched. Additional details …

Critical Cisco bug exposes Expressway gateways to CSRF attacks

February 7, 2024 at 01:30PM Cisco has addressed critical vulnerabilities in its Expressway Series gateways through patches, mitigating the risk of cross-site request forgery (CSRF) attacks. These security flaws could allow attackers to remotely target and manipulate vulnerable systems. Expressway Series devices with default configurations are impacted by the vulnerabilities, prompting the need for migration …

Critical Cisco Unified Communications RCE Bug Allows Root Access

January 25, 2024 at 12:59PM A new critical bug (CVE-2024-20253, 9.9 CVSS) in Cisco UC/CC solutions poses an unauthenticated remote code execution risk. Attackers can exploit the bug through specially crafted messages, potentially leading to data breaches, service disruption, and unauthorized system access. Cisco has issued patches and recommended interim measures to mitigate the vulnerability. …