Search cyberveille.decio.ch

Cisco warns of continued exploitation of 10-year-old ASA bug

Cisco on Dec. 2 updated an advisory from March 18 about a 10-year-old vulnerability in the WebVPN login page of Cisco’s Adaptive Security Appliance (ASA) software that could let an unauthenticated remote attacker conduct a cross-site scripting (XSS) attack. In its recent update, the Cisco Product Security Incident Response Team (PSIRT) said it became aware of additional attempted exploitation of this vulnerability in the wild last month.

#scworld #EN #2024 #10-year-old #ASA #bug #Cisco #CVE-2014-2120

·scworld.com·Dec 7, 2024

Cisco warns of continued exploitation of 10-year-old ASA bug

Cisco notifies ‘limited set’ of customers after hacker accessed non-public files

The company has said it didn't suffer a breach, but announced a threat actor downloaded data on a public-facing DevHub environment.

#therecord.media #EN #2024 #Cisco #Data-Breach

·therecord.media·Nov 5, 2024

Cisco notifies ‘limited set’ of customers after hacker accessed non-public files

Cisco fixes bug under exploit in brute-force attacks

Who doesn't love abusing buggy appliances, really?

#theregister #EN #2024 #cisco #ASA #CVE-2024-20481 #Firepower #VPN #RAVPN #bug #brute-force

·theregister.com·Oct 28, 2024

Cisco fixes bug under exploit in brute-force attacks

China-linked APT group Salt Typhoon compromised some US ISPs

China-linked threat actors compromised some U.S. internet service providers as part of a cyber espionage campaign code-named Salt Typhoon. The state-sponsored hackers aimed at gathering intelligence from the targets or carrying out disruptive cyberattacks. The Wall Street Journal reported that experts are investigating into the security breached to determine if the attackers gained access to Cisco Systems routers, which are core network components of the ISP infrastructures.

#securityaffairs #EN #2024 #China-linked #APT #Salt-Typhoon #US #ISP #compromised #Cisco

·securityaffairs.com·Sep 27, 2024

China-linked APT group Salt Typhoon compromised some US ISPs

Cisco warns of backdoor admin account in Smart Licensing Utility

Cisco has removed a backdoor account in the Cisco Smart Licensing Utility (CSLU) that can be used to log into unpatched systems with administrative privileges.

#bleepingcomputer #EN #2024 #Backdoor #Cisco #Smart-Licensing-Utility

·bleepingcomputer.com·Sep 4, 2024

Cisco warns of backdoor admin account in Smart Licensing Utility

Critical Cisco bug lets hackers add root users on SEG devices

Cisco has fixed a critical severity vulnerability that lets attackers add new users with root privileges and permanently crash Security Email Gateway (SEG) appliances using emails with malicious attachments. Tracked as CVE-2024-20401, this arbitrary file write security flaw in the SEG content scanning and message filtering features is caused by an absolute path traversal weakness that allows replacing any file on the underlying operating system.

#bleepingcomputer #EN #2024 #Code #InfoSec #Execution #Path #Gateway #Denial #DoS #Remote #Cisco #RCE #CVE-2024-20401 #SEG

·bleepingcomputer.com·Jul 19, 2024

Critical Cisco bug lets hackers add root users on SEG devices

Cisco NX-OS Command Injection Vulnerability CVE-2024-20399: Insights and Defense Strategies

Discover key insights into the recently disclosed Cisco NX-OS software CLI vulnerability (CVE-2024-20399) affecting numerous Cisco Nexus devices.

#sygnia #EN #2024 #CVE-2024-20399 #Cisco #NX-OS #Command #Injection #Nexus

·sygnia.co·Jul 2, 2024

Cisco NX-OS Command Injection Vulnerability CVE-2024-20399: Insights and Defense Strategies

Cisco warns of NX-OS zero-day exploited to deploy custom malware

Cisco has patched an NX-OS zero-day exploited in April attacks to install previously unknown malware as root on vulnerable switches.

#bleepingcomputer #EN #2024 #China #Cisco #Command-Injection #Malware #NX-OS #Root #Switch #Velvet-Ant #Zero-Day

·bleepingcomputer.com·Jul 1, 2024

Cisco warns of NX-OS zero-day exploited to deploy custom malware

Vulnerability in Cisco Webex cloud service exposed government authorities, companies

A previously discovered vulnerability affecting self-hosted Cisco Webex instances similarly affected the Webex cloud service.

#helpnetsecurity #EN #2024 #Vulnerability #Cisco #Webex #cloud #service #exposed #government

·helpnetsecurity.com·Jun 5, 2024

Vulnerability in Cisco Webex cloud service exposed government authorities, companies

Comprehensive Threat Intelligence: Cisco Talos shares insights related to recent cyber attack on Cisco

On May 24, 2022, Cisco became aware of a potential compromise. Since that point, Cisco Security Incident Response (CSIRT) and Cisco Talos have been working to remediate. * During the investigation, it was determined that a Cisco employee’s credentials were compromised after an attacker gained control of a personal Google account where credentials saved in the victim’s browser were being synchronized.

#talosintelligence #EN #2022 #Cisco #attack #Google #sync #password #insights

·blog.talosintelligence.com·Aug 11, 2022

Comprehensive Threat Intelligence: Cisco Talos shares insights related to recent cyber attack on Cisco

CVE-2020-3433 : élévation de privilèges sur le client VPN Cisco AnyConnect

Cet article explique comment trois vulnérabilités supplémentaires ont été découvertes dans le client VPN Cisco AnyConnect pour Windows. Elles ont été trouvées suite au développement d’un exploit pour la CVE-2020-3153 (une élévation de privilèges, étudiée dans MISC n°111). Après un rappel du fonctionnement de ce logiciel, nous étudierons chacune de ces nouvelles vulnérabilités.

#ed-diamond #FR #2020 #CVE-2020-3433 #Cisco #AnyConnect #analysis

·connect.ed-diamond.com·Jul 19, 2022

CVE-2020-3433 : élévation de privilèges sur le client VPN Cisco AnyConnect

'ArcaneDoor' Cyberspies Hacked Cisco Firewalls to Access Government Networks

Sources suspect China is behind the targeted exploitation of two zero-day vulnerabilities in Cisco’s security appliances.

#wired #EN #2024 #0-day #vulnerabilities #security #cisco #cybersecurity #china #hacking #ArcaneDoor

·wired.com·Apr 25, 2024

'ArcaneDoor' Cyberspies Hacked Cisco Firewalls to Access Government Networks

Cisco: Hacker breached multifactor authentication message provider on April 1

Cisco said one of the providers it uses to send multifactor authentication (MFA) messages was breached by a threat actor on April 1. In emails to customers, Cisco said the incident specifically affected Duo — a multifactor authentication company it acquired in 2018. The attacker breached the system of a telephony supplier that Duo uses to send MFA messages through texts and phone calls to its customers.

#therecord #EN #2024 #Cisco #breached #multifactor #authentication #duo

·therecord.media·Apr 20, 2024

Cisco: Hacker breached multifactor authentication message provider on April 1

Comprehensive Threat Intelligence: Cisco Talos shares insights related to recent cyber attack on Cisco

On May 24, 2022, Cisco became aware of a potential compromise. Since that point, Cisco Security Incident Response (CSIRT) and Cisco Talos have been working to remediate. * During the investigation, it was determined that a Cisco employee’s credentials were compromised after an attacker gained control of a personal Google account where credentials saved in the victim’s browser were being synchronized.

#talosintelligence #EN #2022 #Cisco #attack #Google #sync #password #insights

·blog.talosintelligence.com·Aug 11, 2022

Comprehensive Threat Intelligence: Cisco Talos shares insights related to recent cyber attack on Cisco

CVE-2020-3433 : élévation de privilèges sur le client VPN Cisco AnyConnect

Cet article explique comment trois vulnérabilités supplémentaires ont été découvertes dans le client VPN Cisco AnyConnect pour Windows. Elles ont été trouvées suite au développement d’un exploit pour la CVE-2020-3153 (une élévation de privilèges, étudiée dans MISC n°111). Après un rappel du fonctionnement de ce logiciel, nous étudierons chacune de ces nouvelles vulnérabilités.

#ed-diamond #FR #2020 #CVE-2020-3433 #Cisco #AnyConnect #analysis

·connect.ed-diamond.com·Jul 19, 2022

CVE-2020-3433 : élévation de privilèges sur le client VPN Cisco AnyConnect

Comprehensive Threat Intelligence: Cisco Talos shares insights related to recent cyber attack on Cisco

On May 24, 2022, Cisco became aware of a potential compromise. Since that point, Cisco Security Incident Response (CSIRT) and Cisco Talos have been working to remediate. * During the investigation, it was determined that a Cisco employee’s credentials were compromised after an attacker gained control of a personal Google account where credentials saved in the victim’s browser were being synchronized.

#talosintelligence #EN #2022 #Cisco #attack #Google #sync #password #insights

·blog.talosintelligence.com·Aug 11, 2022

Comprehensive Threat Intelligence: Cisco Talos shares insights related to recent cyber attack on Cisco

CVE-2020-3433 : élévation de privilèges sur le client VPN Cisco AnyConnect

Cet article explique comment trois vulnérabilités supplémentaires ont été découvertes dans le client VPN Cisco AnyConnect pour Windows. Elles ont été trouvées suite au développement d’un exploit pour la CVE-2020-3153 (une élévation de privilèges, étudiée dans MISC n°111). Après un rappel du fonctionnement de ce logiciel, nous étudierons chacune de ces nouvelles vulnérabilités.

#ed-diamond #FR #2020 #CVE-2020-3433 #Cisco #AnyConnect #analysis

·connect.ed-diamond.com·Jul 19, 2022

CVE-2020-3433 : élévation de privilèges sur le client VPN Cisco AnyConnect

Comprehensive Threat Intelligence: Cisco Talos shares insights related to recent cyber attack on Cisco

On May 24, 2022, Cisco became aware of a potential compromise. Since that point, Cisco Security Incident Response (CSIRT) and Cisco Talos have been working to remediate. * During the investigation, it was determined that a Cisco employee’s credentials were compromised after an attacker gained control of a personal Google account where credentials saved in the victim’s browser were being synchronized.

#talosintelligence #EN #2022 #Cisco #attack #Google #sync #password #insights

·blog.talosintelligence.com·Aug 11, 2022

Comprehensive Threat Intelligence: Cisco Talos shares insights related to recent cyber attack on Cisco

CVE-2020-3433 : élévation de privilèges sur le client VPN Cisco AnyConnect

Cet article explique comment trois vulnérabilités supplémentaires ont été découvertes dans le client VPN Cisco AnyConnect pour Windows. Elles ont été trouvées suite au développement d’un exploit pour la CVE-2020-3153 (une élévation de privilèges, étudiée dans MISC n°111). Après un rappel du fonctionnement de ce logiciel, nous étudierons chacune de ces nouvelles vulnérabilités.

#ed-diamond #FR #2020 #CVE-2020-3433 #Cisco #AnyConnect #analysis

·connect.ed-diamond.com·Jul 19, 2022

CVE-2020-3433 : élévation de privilèges sur le client VPN Cisco AnyConnect

Volt Typhoon Compromises 30% of Cisco RV320/325 Devices in 37 Days

SecurityScorecard has discovered the threat actor group Volt Typhoon has compromised 30% of Cisco RV320/325 Devices in 37 Days. Learn more.

#securityscorecard #EN #2024 #VoltTyphoon #Cisco #RV320/325 #research #compromised

·securityscorecard.com·Jan 15, 2024

Volt Typhoon Compromises 30% of Cisco RV320/325 Devices in 37 Days

Comprehensive Threat Intelligence: Cisco Talos shares insights related to recent cyber attack on Cisco

On May 24, 2022, Cisco became aware of a potential compromise. Since that point, Cisco Security Incident Response (CSIRT) and Cisco Talos have been working to remediate. * During the investigation, it was determined that a Cisco employee’s credentials were compromised after an attacker gained control of a personal Google account where credentials saved in the victim’s browser were being synchronized.

#talosintelligence #EN #2022 #Cisco #attack #Google #sync #password #insights

·blog.talosintelligence.com·Aug 11, 2022

Comprehensive Threat Intelligence: Cisco Talos shares insights related to recent cyber attack on Cisco

CVE-2020-3433 : élévation de privilèges sur le client VPN Cisco AnyConnect

Cet article explique comment trois vulnérabilités supplémentaires ont été découvertes dans le client VPN Cisco AnyConnect pour Windows. Elles ont été trouvées suite au développement d’un exploit pour la CVE-2020-3153 (une élévation de privilèges, étudiée dans MISC n°111). Après un rappel du fonctionnement de ce logiciel, nous étudierons chacune de ces nouvelles vulnérabilités.

#ed-diamond #FR #2020 #CVE-2020-3433 #Cisco #AnyConnect #analysis

·connect.ed-diamond.com·Jul 19, 2022

CVE-2020-3433 : élévation de privilèges sur le client VPN Cisco AnyConnect

Comprehensive Threat Intelligence: Cisco Talos shares insights related to recent cyber attack on Cisco

On May 24, 2022, Cisco became aware of a potential compromise. Since that point, Cisco Security Incident Response (CSIRT) and Cisco Talos have been working to remediate. * During the investigation, it was determined that a Cisco employee’s credentials were compromised after an attacker gained control of a personal Google account where credentials saved in the victim’s browser were being synchronized.

#talosintelligence #EN #2022 #Cisco #attack #Google #sync #password #insights

·blog.talosintelligence.com·Aug 11, 2022

Comprehensive Threat Intelligence: Cisco Talos shares insights related to recent cyber attack on Cisco

CVE-2020-3433 : élévation de privilèges sur le client VPN Cisco AnyConnect

Cet article explique comment trois vulnérabilités supplémentaires ont été découvertes dans le client VPN Cisco AnyConnect pour Windows. Elles ont été trouvées suite au développement d’un exploit pour la CVE-2020-3153 (une élévation de privilèges, étudiée dans MISC n°111). Après un rappel du fonctionnement de ce logiciel, nous étudierons chacune de ces nouvelles vulnérabilités.

#ed-diamond #FR #2020 #CVE-2020-3433 #Cisco #AnyConnect #analysis

·connect.ed-diamond.com·Jul 19, 2022

CVE-2020-3433 : élévation de privilèges sur le client VPN Cisco AnyConnect

Cisco discloses new IOS XE zero-day exploited to deploy malware implant

Cisco disclosed a new high-severity zero-day (CVE-2023-20273) today, actively exploited to deploy malicious implants on IOS XE devices compromised using the CVE-2023-20198 zero-day unveiled earlier this week.

#bleepingcomputer #EN #2023 #Cisco #IOS-XE #Zero-Day #CVE-2023-20273

·bleepingcomputer.com·Oct 21, 2023

Cisco discloses new IOS XE zero-day exploited to deploy malware implant

Active exploitation of Cisco IOS XE Software Web Management User Interface vulnerability

Cisco has identified active exploitation of a previously unknown vulnerability in the Web User Interface (Web UI) feature of Cisco IOS XE software (CVE-2023-20198) when exposed to the internet or untrusted networks.

#talosintelligence #EN #2023 #Cisco #IOS #XE #Web #Management #CVE-2023-20198

·blog.talosintelligence.com·Oct 17, 2023

Active exploitation of Cisco IOS XE Software Web Management User Interface vulnerability

Cisco urges admins to fix IOS software zero-day exploited in attacks

Cisco warned customers on Wednesday to patch a zero-day IOS and IOS XE software vulnerability targeted by attackers in the wild.

#bleepingcomputer #Cisco #Warning #Zero-Day #Security #InfoSec #Computer-Security #CVE-2023-20109

·bleepingcomputer.com·Oct 2, 2023

Cisco urges admins to fix IOS software zero-day exploited in attacks

Comprehensive Threat Intelligence: Cisco Talos shares insights related to recent cyber attack on Cisco

On May 24, 2022, Cisco became aware of a potential compromise. Since that point, Cisco Security Incident Response (CSIRT) and Cisco Talos have been working to remediate. * During the investigation, it was determined that a Cisco employee’s credentials were compromised after an attacker gained control of a personal Google account where credentials saved in the victim’s browser were being synchronized.

#talosintelligence #EN #2022 #Cisco #attack #Google #sync #password #insights

·blog.talosintelligence.com·Aug 11, 2022

Comprehensive Threat Intelligence: Cisco Talos shares insights related to recent cyber attack on Cisco

CVE-2020-3433 : élévation de privilèges sur le client VPN Cisco AnyConnect

Cet article explique comment trois vulnérabilités supplémentaires ont été découvertes dans le client VPN Cisco AnyConnect pour Windows. Elles ont été trouvées suite au développement d’un exploit pour la CVE-2020-3153 (une élévation de privilèges, étudiée dans MISC n°111). Après un rappel du fonctionnement de ce logiciel, nous étudierons chacune de ces nouvelles vulnérabilités.

#ed-diamond #FR #2020 #CVE-2020-3433 #Cisco #AnyConnect #analysis

·connect.ed-diamond.com·Jul 19, 2022

CVE-2020-3433 : élévation de privilèges sur le client VPN Cisco AnyConnect

Dump these Cisco phone adapters because it's not fixing them

There is a critical security flaw in a Cisco phone adapter, and the business technology giant says the only step to take is dumping the hardware and migrating to new kit. In an advisory, Cisco this week warned about the vulnerability in the SPA112 2-Port Adapter that, if exploited, could allow a remote attacker to essentially take control of a compromised device by seizing full privileges and executing arbitrary code. The flaw, tracked as CVE-2023-20126, is rated as "critical," with a base score o

#theregister #EN #2023 #Cisco #CVE-2023-20126 #SPA112 #2-Port #phone #adaptor

·theregister.com·May 8, 2023

Dump these Cisco phone adapters because it's not fixing them