Nation-State China-Linked ‘Velvet Ant’ Hackers Exploited Zero-Day to Deploy Malware on Cisco Nexus Switches Hackers gained access to the switch using valid administrator credentials, and then ‘jailbroke’ from the application level into the OS level. Kevin TownsendAugust 22, 2024
Vulnerabilities Cisco Patches High-Severity Vulnerability Reported by NSA A high-severity vulnerability in Cisco Unified CM and Unified CM SME could allow attackers to cause a denial-of-service (DoS) condition. Ionut ArghireAugust 22, 2024
Vulnerabilities Cisco, Microsoft Disagree on Severity of macOS App Vulnerabilities Multiple vulnerabilities in Microsoft applications for macOS could be exploited to send emails, leak sensitive information, and escalate privileges. Ionut ArghireAugust 20, 2024
Management & Strategy Cisco Cuts Thousands of Jobs, 7% of Workforce, As It Shifts Focus to AI, Cybersecurity Cisco had 84,900 employees as of July 2023. Based on that figure, the number of jobs cut would be about 5,900. Associated PressAugust 14, 2024
Vulnerabilities Warnings Issued Over Cisco Device Hacking, Unpatched Vulnerabilities CISA is warning organizations about abuse of Cisco Smart Install feature, as Cisco is notifying customers about critical phone vulnerabilities it’s not patching. Eduard KovacsAugust 9, 2024
ICS/OT AI, Cybersecurity Top Investment Areas for Industrial Organizations: Cisco Cisco has published its inaugural State of Industrial Networking report, based on a survey of 1,000 individuals. Eduard KovacsJuly 30, 2024
Vulnerabilities Ivanti Issues Hotfix for High-Severity Endpoint Manager Vulnerability Ivanti has released a hotfix to address an SQL injection vulnerability in Endpoint Manager (EPM) 2024 flat. Ionut ArghireJuly 18, 2024
Vulnerabilities Cisco Patches Critical Vulnerabilities in Secure Email Gateway, SSM Cisco has released patches for critical vulnerabilities in Secure Email Gateway and Smart Software Manager On-Prem. Ionut ArghireJuly 18, 2024
Malware & Threats Cisco Patches NX-OS Zero-Day Exploited by Chinese Cyberspies Cisco has patched an NX-OS command injection zero-day exploited by China-linked cyberespionage group Velvet Ant. Ionut ArghireJuly 2, 2024
Government Cisco Patches Webex Bugs Following Exposure of German Government Meetings Cisco has released a security advisory after researchers discovered that the German government’s Webex meetings were exposed. Eduard KovacsJune 5, 2024
Vulnerabilities Cisco Says PoC Exploit Available for Newly Patched IMC Vulnerability Cisco patches a high-severity Integrated Management Controller vulnerability for which PoC exploit code is available. Ionut ArghireApril 18, 2024
Artificial Intelligence Cisco Unveils AI-Native Enterprise Security Solution Hypershield Cisco announces Hypershield, an AI-native and cloud-native enterprise security solution with a wide range of capabilities. Eduard KovacsApril 18, 2024