Cisco Talos
-
Malware-as-a-Service Campaign Exploits GitHub for Distribution
Cisco’s Talos security team has exposed a malware-as-a-service operation utilizing GitHub for malicious software distribution, raising concerns over cybersecurity in enterprise environments.
-
Critical Cisco ISE Vulnerability Allows Pre-Authentication Command Execution
Cisco has issued an urgent advisory regarding a critical vulnerability in its Identity Services Engine (ISE) that allows unauthorized command execution. Rated 10/10 in severity, it was discovered by Kentaro Kawane and reported via Trend Micro. Cisco emphasizes the need for immediate action.
-
Cisco Issues Urgent Update to Address Critical Vulnerability in Unified Communications Manager
Cisco has issued an urgent security alert regarding a critical vulnerability in its Unified Communications Manager systems, urging users to upgrade to new software updates to prevent potential exploitation.
-
Cisco Addresses Critical Security Vulnerability in Unified Communications Manager
Cisco has released updates to mitigate a serious security vulnerability in its Unified Communications Manager that allowed for unauthorized remote access through a hardcoded backdoor account.
-
New PathWiper Malware Targets Ukrainian Infrastructure, Analysts Warn of Ongoing Cyber Threats
A new data wiper malware named PathWiper has targeted critical infrastructure in Ukraine, highlighting the ongoing cyber threats posed by advanced persistent threat actors linked to Russia. Cisco Talos has detailed the malware’s capabilities and its similarities with previously observed threats.
-
Cisco Warns of Critical Vulnerability in Cloud Deployments Exposing Sensitive Data
Cisco has issued a critical vulnerability warning for its Identity Services Engine (ISE) on major cloud platforms, potentially exposing sensitive data due to shared static credentials. Affected platforms include AWS, Azure, and OCI.
-
Cisco Issues Urgent Patches for Critical Vulnerabilities in Cloud Services
Cisco has issued patches for critical vulnerabilities in its Identity Services Engine (ISE) and Customer Collaboration Platform (CCP), warning of potential exploits that could allow unauthorized access and disruption of services in cloud deployments.
-
Cisco IOS XE Flaw Exposes Devices to Security Risks
A recently disclosed vulnerability in Cisco IOS XE software allows unauthorized remote access, potentially exposing devices to significant security risks. Cisco and independent researchers urge immediate actions for mitigation.
-
Chinese Hackers Exploit Zero-Day Vulnerability in Cityworks, Warns Cisco Talos
Cisco Talos has raised alarms over active cyberattacks by Chinese hackers exploiting a zero-day vulnerability in Trimble Cityworks, affecting local U.S. government agencies and enabling remote code execution.
