China-linked hackers have been using misconfigured Cisco security products to deploy backdoors on target networks for at least the past several weeks. The hacker group, which Cisco tracks as UAT-9686, has been taking advantage of an insecure setting in Cisco’s AsyncOS software, which powers the company’s email and web security devices and virtual platforms, Cisco…
Cisco is phasing out insecure legacy features and hardening device configurations as part of a new resilient infrastructure initiative. The effort is a direct response to threats from AI-powered attacks ansecurity, Secure by default, AI Attack, d prepares networks for post-quantum cryptography. In the process, it is making secure-by-default the baseline. Organizations face escalating risks…
Cybersecurity readiness remains alarmingly low in Indian companies, with only 7 % of firms in India achieving a mature level of readiness by 2025, according to a recent report by global technology firm Cisco. This is an increase from last year’s (2024) Index, in which 4% of Indian organizations were designated as mature, the Cisco…
Cisco has pushed back on claims it has been breached in a new ransomware attack after a threat actor exposed sensitive information allegedly stolen from the firm’s internal network. The Kraken ransomware group posted the information, which according to reporting by Cyber Press contained credentials linked to Cisco’s Windows Active Directory environment, to its dark web leak site. This data…
Cisco Systems is planning to lay off 7% of its employees, its second round of job cuts this year, as the company shifts its focus to more rapidly growing areas in technology, such as artificial intelligence and cybersecurity. The company based in San Jose, California, did not specify the number of jobs it is cutting. It…
Cisco has issued a security advisory regarding a critical remote code execution (RCE) vulnerability, dubbed “regreSSHion,” that affects multiple products. The vulnerability tracked as CVE-2024-6387, was disclosed by the Qualys Threat Research Unit on July 1, 2024. It impacts the OpenSSH server (sshd) in glibc-based Linux systems and has the potential to allow unauthenticated attackers…
Cisco on Thursday launched HyperShield, a new security product that uses AI to protect applications, devices, and data across data centers, clouds, and physical locations. The move follows Cisco’s acquisition of Splunk, which the enterprise tech titan bought for $28 billion earlier this year. Jeetu Patel, Cisco’s executive vice president, said HyperShield was designed with…
Cisco has released patches to address a high-severity security flaw impacting its Secure Client software that could be exploited by a threat actor to open a VPN session with that of a targeted user. Cisco described the vulnerability, tracked as CVE-2024-20337 (CVSS score: 8.2), as allowing an unauthenticated, remote attacker to conduct a carriage return…
