Chinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System Control

August 22, 2024 at 12:18PM

A China-nexus threat group, Velvet Ant, exploited a recently patched security flaw in Cisco switches as a zero-day, enabling extensive system control and evasion of detection. This involved weaponizing CVE-2024-20399 to deliver bespoke malware, facilitate data exfiltration, and establish persistent access. The attackers’ sophisticated tactics and use of open-source tools …

Patch Now: Cisco Zero-Day Under Fire From Chinese APT

July 2, 2024 at 09:22AM

Cisco has patched a command-line injection flaw (CVE-2024-20399, CVSS 6.0) in its NX-OS software, used for managing switches in data centers. The flaw can allow authenticated attackers to execute arbitrary commands as root. It has been exploited by the China-backed threat group Velvet Ant. Cisco has released updates to patch …