Cisco has reported a security incident involving one of its representatives who became a victim of a voice phishing attack, allowing cybercriminals to access user profile information from a third-party customer relationship management (CRM) system. This breach is particularly significant as it highlights the evolving tactics employed by threat actors…
On July 22, 2025, Cisco updated its advisory regarding several recently disclosed security vulnerabilities in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC), confirming that they are being actively exploited. Cisco’s Product Security Incident Response Team (PSIRT) reported awareness of attempts to exploit these vulnerabilities in real-world scenarios. However, the company did not specify which vulnerabilities are being targeted, the identity of the attacking entities, or the scale of these activities. Cisco ISE is crucial for network access control, determining which users and devices can access corporate networks and under what conditions. A breach at this level could allow attackers unrestricted access to internal systems, effectively bypassing authentication and logging controls and transforming a key policy engine into an unguarded entry point. The alert emphasizes that the identified vulnerabilities are classified as critical.
Cisco Confirms Ongoing Exploitation of ISE Vulnerabilities Leading to Unauthenticated Root Access On July 22, 2025, Cisco updated its advisory regarding recently unveiled vulnerabilities in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC), admitting that active exploitation is occurring in live environments. The Cisco Product Security Incident…
On July 22, 2025, Cisco updated its advisory regarding several recently disclosed security vulnerabilities in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC), confirming that they are being actively exploited. Cisco’s Product Security Incident Response Team (PSIRT) reported awareness of attempts to exploit these vulnerabilities in real-world scenarios. However, the company did not specify which vulnerabilities are being targeted, the identity of the attacking entities, or the scale of these activities. Cisco ISE is crucial for network access control, determining which users and devices can access corporate networks and under what conditions. A breach at this level could allow attackers unrestricted access to internal systems, effectively bypassing authentication and logging controls and transforming a key policy engine into an unguarded entry point. The alert emphasizes that the identified vulnerabilities are classified as critical.
In Brief: ToolShell’s Impact in South Africa and Rise of Online Fraud in the U.S. Anviksha More (AnvikshaMore) • July 31, 2025 Every week, Information Security Media Group compiles notable cybersecurity incidents from around the globe. This week’s report dives into claims that the Chinese government may have accessed ToolShell…
The Rising Threat of Shadow AI: A Growing Challenge for Organizations Organizations are increasingly facing a hidden risk known as Shadow AI, a phenomenon that has been tagged as a staggering $670,000 issue that many aren’t even aware exists. Recent findings from IBM’s 2025 Cost of a Data Breach Report,…
Researchers from Cisco’s Talos security team have identified a sophisticated malware-as-a-service (MaaS) operation that exploited public GitHub accounts to distribute various types of malicious software to targeted entities. This innovative distribution method capitalized on GitHub’s widespread acceptance in enterprise environments, where many organizations rely on the platform for software development.…
Salt Typhoon Breach: Chinese APT Compromises U.S. Army National Guard Network Pierluigi Paganini July 16, 2025 China-linked APT Salt Typhoon Breaches U.S. Army National Guard Network A recent Department of Defense (DoD) report reveals that the China-associated hacking group known as Salt Typhoon has successfully infiltrated a U.S. Army National…
Cloud Security, Governance & Risk Management, Network Firewalls, Network Access Control CEO Doug Merritt: GenAI, Workload Sprawl Heighten Zero Trust Imperatives for Aviatrix Michael Novinson (MichaelNovinson) • July 14, 2025 Doug Merritt, chairman, president, and CEO, Aviatrix (Image: Aviatrix) Initially, Aviatrix focused on creating a networking abstraction layer that unified…
Network Firewalls, Network Access Control, Security Operations Critical Vulnerability Uncovered, Exposing Remote Privilege Escalation Threat Prajeet Nair (@prajeetspeaks) • July 3, 2025 Image: Anucha Cheechang/Shutterstock Cisco has issued urgent security updates to address a significant vulnerability in its Unified Communications Manager (UCM), which enables unauthorized attackers to gain root access…
U.S. and international law enforcement have detained a British national, believed to be the infamous hacker known as “IntelBroker,” alongside four individuals presumed to be associated with the BreachForums online marketplace for illicitly obtained data. The primary suspect, identified in an indictment as 25-year-old Kai Logan West, was apprehended in…
