Cisco Talos
-
Static Tundra: Russia-linked group exploits Cisco flaw to maintain long-term access to global networks, researchers say
A Russian state-sponsored group known as Static Tundra has been quietly compromising network devices worldwide for over a decade, exploiting a seven-year-old Cisco vulnerability to steal data and maintain access, according to Cisco Talos Intelligence.
-
Taiwan Web Infrastructure Targeted by UAT-7237, Cisco Talos Says
Cisco Talos links a China-aligned APT cluster, UAT-7237, to attacks on Taiwan’s web infrastructure that use customized open-source tooling and a SoundBill shellcode loader to deploy backdoors and credential-stealing utilities. The operation, active since 2022 and considered a sub-group of UAT-5918, also employs VPN persistence and RDP access, with updates to embed Mimikatz and broader lateral…
-
US, allies disrupt BlackSuit ransomware network; servers seized and funds frozen as researchers warn of rebranding to Chaos ransomware
U.S. and international partners disrupted the BlackSuit ransomware network, seizing servers and freezing about $1.09 million, while security researchers warn the group may have rebranded as Chaos ransomware and remain a threat.
-
Serious Security Vulnerabilities Found in Over 100 Dell Laptop Models
Cisco has identified serious vulnerabilities in over 100 Dell laptop models, impacting millions of devices worldwide. These flaws, which can allow attackers to control devices and access sensitive data, require affected users to update their firmware immediately.
-
Cisco Reveals Data Breach Affecting User Accounts Amid Vishing Attack
Cisco Systems has reported a data breach involving user accounts due to a voice phishing incident. Basic profile information was compromised, but the company asserts that no sensitive data was affected. Cisco is taking measures to strengthen security following the incident.
-
Malware-as-a-Service Campaign Exploits GitHub for Distribution
Cisco’s Talos security team has exposed a malware-as-a-service operation utilizing GitHub for malicious software distribution, raising concerns over cybersecurity in enterprise environments.
-
Critical Cisco ISE Vulnerability Allows Pre-Authentication Command Execution
Cisco has issued an urgent advisory regarding a critical vulnerability in its Identity Services Engine (ISE) that allows unauthorized command execution. Rated 10/10 in severity, it was discovered by Kentaro Kawane and reported via Trend Micro. Cisco emphasizes the need for immediate action.
-
Cisco Issues Urgent Update to Address Critical Vulnerability in Unified Communications Manager
Cisco has issued an urgent security alert regarding a critical vulnerability in its Unified Communications Manager systems, urging users to install the new software updates to prevent potential exploitation.
-
Cisco Addresses Critical Security Vulnerability in Unified Communications Manager
Cisco has released updates to mitigate a serious security vulnerability in its Unified Communications Manager that allowed for unauthorized remote access through a hardcoded backdoor account.
-
New PathWiper Malware Targets Ukrainian Infrastructure, Analysts Warn of Ongoing Cyber Threats
A new data wiper malware named PathWiper has targeted critical infrastructure in Ukraine, highlighting the ongoing cyber threats posed by advanced persistent threat actors linked to Russia. Cisco Talos has detailed the malware’s capabilities and its similarities with previously observed threats.