EHA
Weaponized Cisco Webex Meetings App

Hackers Using Weaponized Cisco Webex Meetings App To Deliver Malware

A novel information-stealing campaign detailing the attackers' tactics, techniques, and procedures (TTPs) throughout the attack lifecycle, where the Mitre ATT&CK framework is used to classify these TTPs and identify potential detection points.  By examining the...
Cisco Webex Meetings Meeting Flaw Let Attackers Gain Unauthorized Access

Cisco Webex Meetings Meeting Flaw Let Attackers Gain Unauthorized Access

Cisco has disclosed a significant security vulnerability in its Webex Meetings platform that allowed unauthorized access to meeting information and metadata. The issue, identified in early May 2024, affected certain customers hosted in Cisco's...
Florida Man Arrested For Selling Fake Cisco Device To U.S. Military

Florida Man Arrested For Selling Fake Cisco Device To U.S. Military

Onur Aksoy, a forty-year-old resident of Florida and dual citizen of Turkey and the United States, was found guilty of running a large-scale, multi-year fraud scheme to traffic in fake and counterfeit Cisco networking...
Cisco IMC Command Injection Vulnerability Under Active Attack

Cisco IMC Command Injection Vulnerability Under Active Attack

An attacker with read-only or higher privileges on a Cisco Integrated Management Controller (IMC) can exploit a command injection vulnerability (CVE-2024-20295) to gain full control (root access) of the underlying operating system.  The vulnerability exists...
Cisco Nexus Dashboard Flaw Let Attackers Read Arbitrary Files

Cisco Nexus Dashboard Vulnerability Let Attackers Read Arbitrary Files

Cisco Nexus Dashboard Fabric Controller is a network management platform for all NX-OS-enabled devices. It enables data center operation teams to perform deep-dive troubleshooting and maintenance operations.  A new vulnerability has been discovered in the...
Cisco Released IOS XR Software Security Advisory

Cisco Released IOS XR Software Security Advisory

Cisco Systems, Inc., announced the release of its semiannual security advisory bundle, which addresses critical vulnerabilities in its IOS XR Software. This publication is part of Cisco's commitment to transparency and continuous improvement in cybersecurity....
Cisco Secure Client Flaw let Attackers Trigger CRLF Injection Attack

Cisco Secure Client Flaw let Attackers Trigger CRLF Injection Attack

Cisco has disclosed a critical vulnerability in the SAML authentication process of its Cisco Secure Client software. This vulnerability could potentially allow unauthenticated, remote attackers to conduct a Carriage Return Line Feed (CRLF) injection...
Cisco To Lay Off 4,000+ Employees Which is 5% of Workforce

Cisco To Lay Off 4,000+ Employees Which is 5% of Workforce

A company may lay off employees due to various reasons like changes in market conditions, shifts in business strategy, cost-cutting measures, and organizational restructuring to stay competitive and adapt to evolving industry dynamics. On February...
Critical Cisco Unity Connection Flaw Let Attackers Run Command as Root User

Critical Cisco Unity Connection Flaw Let Attackers Run Command as Root User

A critical vulnerability of severe severity has been found in Cisco Unity Connection's web-based management interface. This flaw might allow a remote, unauthenticated attacker to upload arbitrary files to a compromised system and run commands...
Cisco Meeting Server Flaw Let Attacker Trigger a DoS Attack

Cisco Meeting Server Flaw Let Attacker Trigger a DoS Attack

Cisco has warned about a serious security issue in the Web Bridge feature of the Cisco Meeting Server. The flaw (CVE-2023-20255) could let someone who is not authorized attack the system and cause a DoS...

Managed WAF

Website

Latest News