Redazione RHC : 30 August 2025 10:39 On August 30, 2025, Google issued a critical security advisory concerning its popular Gmail service, impacting approximately 2.5 billion users globally. This alert follows a significant data breach involving a third-party Salesforce-based application utilized by the company, prompting heightened vigilance among users to enhance account…
AI-Powered Cloud Next-Generation Firewalls, Network Firewalls, Network Access Control, Security Operations Cisco Gains Recognition While HPE Juniper Emerges as a Challenger in New Hybrid Mesh Firewall Rankings Michael Novinson (MichaelNovinson) • August 29, 2025 The initial Magic Quadrant for hybrid mesh firewalls from Gartner has identified industry leaders, with Palo…
A recent data breach at TransUnion has compromised the Social Security numbers of 4.4 million consumers in the United States, following a cyber attack on a Salesforce-integrated application. The breach is associated with the hacking group identified as UNC6395. In an incident that began on July 28, 2025, credit reporting…
A coalition of international cybersecurity organizations, spearheaded by the UK’s National Cyber Security Centre (NCSC), has publicly implicated three technology firms based in China in a sustained global cyberattack campaign. In a recent advisory, the NCSC and partners from twelve nations—including the United States, Australia, Canada, New Zealand, Czech Republic,…
TransUnion, one of the largest credit reporting agencies in the United States, has announced a data breach impacting the personal information of approximately 4.4 million customers. This incident, which occurred on July 28, resulted from unauthorized access to a third-party application that stores customer data. Notably, the company clarified that…
Farmers Insurance has announced a data breach affecting approximately 1.1 million customers. This incident, linked to the hacker groups ShinyHunters and Scattered Spider, reflects a troubling trend of cyberattacks targeting organizations using Salesforce’s platform. Farmers Insurance has recently revealed a significant data breach impacting over 1.1 million customers. The company…
April 19, 2023
Network Security / Cyber Espionage
Cybersecurity and intelligence agencies from the U.S. and U.K. have issued a warning about Russian state-sponsored actors exploiting recently patched vulnerabilities in Cisco networking equipment for reconnaissance and malware deployment against specific targets. These intrusions occurred in 2021 and affected a limited number of entities across Europe, U.S. government agencies, and around 250 Ukrainian victims. The activity has been linked to the threat group APT28, also known as Fancy Bear, Forest Blizzard (formerly Strontium), FROZENLAKE, and Sofacy, which is connected to the Russian General Staff Main Intelligence Directorate (GRU). The National Cyber Security Centre (NCSC) noted that APT28 gained access to vulnerable routers using default and weak SNMP community strings, as well as by exploiting CVE-2017-6742, a remote code execution vulnerability with a CVSS score of 8.8.
U.S. and U.K. Governments Alert on Russian Cyber Actors Exploiting Cisco Vulnerabilities On April 19, 2023, cybersecurity and intelligence agencies from the United States and the United Kingdom issued a warning regarding the activities of Russian state-sponsored hackers. These actors have been identified as exploiting previously patched vulnerabilities in Cisco…
April 19, 2023
Network Security / Cyber Espionage
Cybersecurity and intelligence agencies from the U.S. and U.K. have issued a warning about Russian state-sponsored actors exploiting recently patched vulnerabilities in Cisco networking equipment for reconnaissance and malware deployment against specific targets. These intrusions occurred in 2021 and affected a limited number of entities across Europe, U.S. government agencies, and around 250 Ukrainian victims. The activity has been linked to the threat group APT28, also known as Fancy Bear, Forest Blizzard (formerly Strontium), FROZENLAKE, and Sofacy, which is connected to the Russian General Staff Main Intelligence Directorate (GRU). The National Cyber Security Centre (NCSC) noted that APT28 gained access to vulnerable routers using default and weak SNMP community strings, as well as by exploiting CVE-2017-6742, a remote code execution vulnerability with a CVSS score of 8.8.
June 5, 2025
Network Security / Vulnerability
Cisco has issued security patches for a severe vulnerability affecting its Identity Services Engine (ISE). This flaw, identified as CVE-2025-20286 and rated 9.9 out of 10 on the CVSS scale, could be exploited by unauthenticated attackers to perform harmful actions on vulnerable systems. The vulnerability, categorized as a static credential issue, affects cloud deployments on Amazon Web Services (AWS), Microsoft Azure, and Oracle Cloud Infrastructure (OCI). Cisco warned that attackers could potentially access sensitive data, perform limited administrative tasks, alter system configurations, or disrupt services in the affected environments. The networking company credited Kentaro Kawane from GMO Cybersecurity for reporting the flaw and acknowledged the presence of a proof-of-concept (PoC) exploit, although no active exploitation has been confirmed.
Critical Cisco ISE Authentication Bypass Vulnerability Threatens Cloud Environments on AWS, Azure, and OCI On June 5, 2025, Cisco announced the release of security patches addressing a high-severity vulnerability within its Identity Services Engine (ISE). This flaw, designated as CVE-2025-20286, has received a CVSS score of 9.9 out of 10,…
June 5, 2025
Network Security / Vulnerability
Cisco has issued security patches for a severe vulnerability affecting its Identity Services Engine (ISE). This flaw, identified as CVE-2025-20286 and rated 9.9 out of 10 on the CVSS scale, could be exploited by unauthenticated attackers to perform harmful actions on vulnerable systems. The vulnerability, categorized as a static credential issue, affects cloud deployments on Amazon Web Services (AWS), Microsoft Azure, and Oracle Cloud Infrastructure (OCI). Cisco warned that attackers could potentially access sensitive data, perform limited administrative tasks, alter system configurations, or disrupt services in the affected environments. The networking company credited Kentaro Kawane from GMO Cybersecurity for reporting the flaw and acknowledged the presence of a proof-of-concept (PoC) exploit, although no active exploitation has been confirmed.
The FBI and Cisco have issued urgent warnings about Russian hackers exploiting a seven-year-old vulnerability in Cisco Smart Install, impacting outdated routers and switches globally. A significant number of legacy Cisco devices, which no longer receive security updates, are currently being targeted as part of a sophisticated cyber espionage campaign,…
