Latest Cisco news

Cisco warns of NX-OS zero-day exploited to deploy custom malware

Cisco has patched an NX-OS zero-day exploited in April attacks to install previously unknown malware as root on vulnerable switches.
- Sergiu Gatlan
- July 01, 2024
- 01:46 PM
- 0
CEO who sold fake Cisco devices to US military gets 6 years in prison

Onur Aksoy, the CEO of a group of companies controlling multiple online storefronts, was sentenced to six and a half years in prison for selling $100 million worth of counterfeit Cisco network equipment to government, health, education, and military organizations worldwide.
- Sergiu Gatlan
- May 02, 2024
- 06:01 PM
- 1
ArcaneDoor hackers exploit Cisco zero-days to breach govt networks

Cisco warned today that a state-backed hacking group has been exploiting two zero-day vulnerabilities in Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) firewalls since November 2023 to breach government networks worldwide.
- Sergiu Gatlan
- April 24, 2024
- 01:07 PM
- 0
Cisco discloses root escalation flaw with public exploit code

Cisco has released patches for a high-severity Integrated Management Controller (IMC) vulnerability with public exploit code that can let local attackers escalate privileges to root.
- Sergiu Gatlan
- April 17, 2024
- 01:25 PM
- 1
Cisco warns of large-scale brute-force attacks against VPN services

Cisco warns about a large-scale credential brute-forcing campaign targeting VPN and SSH services on Cisco, CheckPoint, Fortinet, SonicWall, and Ubiquiti devices worldwide.
- Bill Toulas
- April 16, 2024
- 12:11 PM
- 2
Cisco Duo warns third-party data breach exposed SMS MFA logs

Cisco Duo's security team warns that hackers stole some customers' VoIP and SMS logs for multi-factor authentication (MFA) messages in a cyberattack on their telephony provider.
- Bill Toulas
- April 15, 2024
- 10:52 AM
- 0
Cisco warns of password-spraying attacks targeting VPN services

Cisco has shared a set of recommendations for customers to mitigate password-spraying attacks that have been targeting Remote Access VPN (RAVPN) services configured on Cisco Secure Firewall devices.
- Bill Toulas
- March 28, 2024
- 12:37 PM
- 0
Critical Cisco bug exposes Expressway gateways to CSRF attacks

Cisco has patched several vulnerabilities affecting its Expressway Series collaboration gateways, two of them rated as critical severity and exposing vulnerable devices to cross-site request forgery (CSRF) attacks.
- Sergiu Gatlan
- February 07, 2024
- 01:22 PM
- 0
Save $149 on this core IT certifications training course bundle

Getting certified helps you move your IT career forward. Get ready for those exams with these eight cybersecurity and IT exam prep courses for $34.99, $149 off the $184 MSR
- BleepingComputer Deals
- February 02, 2024
- 07:08 AM
- 0
Cisco warns of critical RCE flaw in communications software

Cisco is warning that several of its Unified Communications Manager (CM) and Contact Center Solutions products are vulnerable to a critical severity remote code execution security issue.
- Bill Toulas
- January 25, 2024
- 09:41 AM
- 0
Save $63 on this Cisco network engineer certification training bundle

Network engineering is key to every IT department's function, and knowing how it works can be a boost to your career. These seven network engineering certification courses help you master the discipline for $34.99, $63 off the $98 MSRP.
- BleepingComputer Deals
- January 19, 2024
- 07:12 AM
- 0
Finland warns of Akira ransomware wiping NAS and tape backup devices

The Finish National Cybersecurity Center (NCSC-FI) is informing of increased Akira ransomware activity in December, targeting companies in the country and wiping backups.
- Bill Toulas
- January 11, 2024
- 10:01 AM
- 0
Cisco says critical Unity Connection bug lets attackers get root

Cisco has patched a critical Unity Connection security flaw that can let unauthenticated attackers remotely gain root privileges on unpatched devices.
- Sergiu Gatlan
- January 10, 2024
- 03:42 PM
- 0
Prep for Cisco CCNA & CCNP certifications with this $35 bundle deal

Pick up the Premium Cisco CCNA & CCNP Lifetime Certification Prep Bundle, on sale for just $34.99 (reg. $98) for a limited time.
- BleepingComputer Deals
- December 26, 2023
- 02:09 PM
- 0
Sponsored Content
Criminal IP & Cisco SecureX/XDR: Enhanced Cyber Threat Analysis

The Criminal IP threat intelligence search engine by AI SPERA has recently integrated with Cisco SecureX/XDR, empowering organizations to stay ahead of malicious actors. Learn more about this integration from Criminal IP in this article.
- Sponsored by Criminal IP
- November 13, 2023
- 10:02 AM
- 0
Exploit released for critical Cisco IOS XE flaw, many hosts still hacked

Public exploit code is now available for the critical Cisco IOS XE vulnerability tracked as CVE-2023-20198 that was leveraged as a zero-day to hack tens of thousands of devices.
- Ionut Ilascu
- October 30, 2023
- 11:09 PM
- 0
Cisco patches IOS XE zero-days used to hack over 50,000 devices

Cisco has addressed the two vulnerabilities (CVE-2023-20198 and CVE-2023-20273) that hackers exploited to compromise tens of thousands of IOS XE devices over the past week.
- Ionut Ilascu
- October 23, 2023
- 10:08 AM
- 0
Hackers update Cisco IOS XE backdoor to hide infected devices

The number of Cisco IOS XE devices detected with a malicious backdoor implant has plummeted from over 50,000 impacted devices to only a few hundred after the attackers updated the backdoor to hide infected systems from scans.
- Lawrence Abrams
- October 22, 2023
- 01:37 PM
- 2
Cisco discloses new IOS XE zero-day exploited to deploy malware implant

Cisco disclosed a new high-severity zero-day (CVE-2023-20273) today, actively exploited to deploy malicious implants on IOS XE devices compromised using the CVE-2023-20198 zero-day unveiled earlier this week.
- Sergiu Gatlan
- October 20, 2023
- 06:12 PM
- 0
Over 40,000 Cisco IOS XE devices infected with backdoor using zero-day

More than 40,000 Cisco devices running the IOS XE operating system have been compromised after hackers exploited a recently disclosed maximum severity vulnerability tracked as CVE-2023-20198.
- Ionut Ilascu
- October 19, 2023
- 09:08 PM
- 0