Data Breaches Cisco Duo Says Hack at Telephony Supplier Exposed MFA SMS Logs Cisco Duo warns that breach exposed phone numbers, phone carriers, metadata and other logs that could lead to downstream social engineering attacks. Ryan NaraineApril 15, 2024
Network Security Cisco Warns of Vulnerability in Discontinued Small Business Routers Cisco says it will not release patches for a cross-site scripting vulnerability impacting end-of-life small business routers. Ionut ArghireApril 5, 2024
Network Security Cisco Patches DoS Vulnerabilities in Networking Products Cisco has released patches for multiple IOS and IOS XE software vulnerabilities leading to denial-of-service (DoS). Ionut ArghireMarch 28, 2024
Vulnerabilities Cisco Patches High-Severity IOS RX Vulnerabilities Cisco releases patches for high-severity denial-of-service and elevation of privilege vulnerabilities in IOS RX software. Ionut ArghireMarch 14, 2024
Vulnerabilities Cisco Patches High-Severity Vulnerabilities in VPN Product High-severity flaws in Cisco Secure Client could lead to code execution and unauthorized remote access VPN sessions. Ionut ArghireMarch 7, 2024
ICS/OT Cisco Releases Open Source Backplane Traffic Visibility Tool for OT Cisco has released an open source PoC tool named Badgerboard designed for improved backplane network visibility for OT. Eduard KovacsMarch 6, 2024
Vulnerabilities Cisco Patches High-Severity Vulnerabilities in Data Center OS Cisco’s semiannual FXOS and NX-OS security advisory bundle resolves two high- and two medium-severity vulnerabilities. Ionut ArghireFebruary 29, 2024
Vulnerabilities CISA Urges Patching of Cisco ASA Flaw Exploited in Ransomware Attacks CISA has added CVE-2020-3259, an old Cisco ASA vulnerability exploited by ransomware, to its KEV catalog. Eduard KovacsFebruary 16, 2024
Management & Strategy Cisco Announces It is Laying Off Thousands of Workers About 5 percent of Cisco's global workforce will be affected by layoffs, the Silicon Valley-based company said. AFPFebruary 14, 2024
Vulnerabilities Cisco Patches Critical Vulnerabilities in Enterprise Communication Devices Two critical vulnerabilities in Cisco Expressway series devices can be exploited in CSRF attacks without authentication. Ionut ArghireFebruary 8, 2024
Nation-State US Gov Disrupts SOHO Router Botnet Used by Chinese APT Volt Typhoon The US government neutralizes a botnet full of end-of-life Cisco and Netgear routers being by a notorious Chinese APT group. Ryan NaraineJanuary 31, 2024
Vulnerabilities Cisco Patches Critical Vulnerability in Enterprise Collaboration Products A critical flaw in Cisco Unified Communications and Contact Center Solutions products could lead to remote code execution. Ionut ArghireJanuary 25, 2024