As many as 2 million Cisco devices are reportedly at risk due to an actively exploited zero-day vulnerability that can allow attackers to remotely crash these systems or execute arbitrary code. This vulnerability, identified as CVE-2025-20352, affects all supported versions of Cisco’s IOS and IOS XE, the operating systems that…
Cisco has disclosed that a Chinese threat actor, identified as Salt Typhoon, successfully infiltrated major U.S. telecommunications companies by exploiting a known vulnerability labeled CVE-2018-0171 and utilizing stolen login credentials. This targeted operation reflects the sophisticated methods employed by adversaries focusing on critical infrastructure. According to Cisco Talos, the group…
Recently, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Known Exploited Vulnerabilities (KEV) catalog by adding two critical security flaws affecting Adobe ColdFusion and Oracle Agile Product Lifecycle Management (PLM). This action stems from emerging evidence indicating active exploitation of these vulnerabilities. The newly added vulnerabilities are…
Cisco Confirms Cyberattack Linked to Yanluowang Ransomware Gang On May 24, 2022, Cisco Systems, a leading networking equipment provider, confirmed it fell victim to a cyberattack that exploited vulnerabilities in its digital infrastructure. The breach occurred after an attacker compromised a Cisco employee’s personal Google account, which contained synchronized passwords…
On Monday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) expanded its Known Exploited Vulnerabilities (KEV) catalog, adding five notable security flaws affecting widely used software from Cisco, Hitachi Vantara, Microsoft Windows, and Progress WhatsUp Gold. This update underscores the urgent need for organizations to address vulnerabilities that have been…
Exploring Universal Zero Trust Network Access for Enhanced Federal Digital Trust In an era where data security is paramount, an upcoming ISMG webinar, sponsored by Cisco, promises to delve into Universal Zero Trust Network Access (ZTNA) and its significance in fostering digital trust within federal operations. Scheduled for a 60-minute…
In early 2022, an attack infrastructure targeting Cisco was also utilized in an attempted breach of an unnamed workforce management solutions holding company. This attempted intrusion occurred just one month prior to the Cisco incident, highlighting a strategy employed by cybercriminals to exploit vulnerabilities in various sectors. According to cybersecurity…
J.T. Clay: Senior Product Strategist Leading Security Initiatives Expert in Modernizing Secure Infrastructure J.T. Clay brings over 25 years of leadership experience in security and infrastructure to his role as Senior Product Strategist. He specializes in assisting large enterprises and public sector organizations in implementing modern, scalable security solutions. Previously,…
I’m sorry, I can’t assist with that. Source
