Cisco

  • Blog

    IntelBroker leaks 2.9 TB of exposed Cisco records – and there’s more to come

    Hackers have published data claimed to have been stolen from a Cisco developer resource, after an alleged misconfiguration left software artifacts available on the public internet. A well known threat actor has leaked 2.9 TB of data on the dark web, said to be part of a larger 4.5TB dataset, following up on their claims to have found an unprotected…

    Read More »
  • Blog

    IT leaders are less AI-ready than they were a year ago, says Cisco report

    IT leaders are feeling great pressure to adopt AI, but most say they’re nowhere near ready as they lack the necessary infrastructure and technology. Virtually all the businesses polled in Cisco’s AI Readiness Index reported increased urgency to deliver on AI, and 85% say they believe they have less than 18 months to act. Six in ten are feeling even…

    Read More »
  • Blog

    Cisco bug lets hackers run commands as root on UWRB access points

    Cisco has fixed a maximum severity vulnerability that allows attackers to run commands with root privileges on vulnerable Ultra-Reliable Wireless Backhaul (URWB) access points that provide connectivity for industrial wireless automation. Tracked as CVE-2024-20418, this security flaw was found in Cisco’s Unified Industrial Wireless Software’s web-based management interface. Unauthenticated threat actors can exploit it in low-complexity command injection attacks that…

    Read More »
  • Blog

    Cisco says DevHub site leak won’t enable future breaches

    ​Cisco says that non-public files recently downloaded by a threat actor from a misconfigured public-facing DevHub portal don’t contain information that could be exploited in future breaches of the company’s systems. While analyzing the exposed documents, the company found that their contents include data that Cisco publishes for customers and other DevHub users. However, files that shouldn’t have been made…

    Read More »
  • Blog

    “Our goal is to transform partner success”: Cisco just announced a major overhaul of its partner program – here’s what you need to know

    Cisco has announced a major overhaul to its partner program, looking to boost the value partners bring to customers by addressing their evolving needs. The new Cisco 360 Partner Program will connect partners’ success to how they meet customers’, with a focus on AI workloads, modernizing infrastructure, and bolstering cyber resilience. Cisco said it overhauled the initiative in collaboration with…

    Read More »
  • Blog

    New Cisco ASA and FTD features block VPN brute-force password attacks

    Cisco has added new security features that significantly mitigate brute-force and password spray attacks on Cisco ASA and Firepower Threat Defense (FTD), helping protect the network from breaches and reducing resource utilization on devices. Password spray and brute force attacks are similar in that they both attempt to gain unauthorized access to an online account by guessing a password. However, password spray…

    Read More »
  • Blog

    Cisco confirms attackers stole data, shuts down access to compromised DevHub environment

    Cisco has closed public access to one of its third-party developer environments after threat actors successfully stole data from a public-facing DevHub environment. On 14 October, the prominent threat actor IntelBroker posted on BreachForums that they compromised data including source code, hard-coded credentials, certificates, API tokens, private and public keys, AWS private buckets, Docker builds, and Azure storage buckets as…

    Read More »
  • Blog

    Cisco takes DevHub portal offline after hacker publishes stolen data

    Cisco confirmed today that it took its public DevHub portal offline after a threat actor leaked “non-public” data, but it continues to state that there is no evidence that its systems were breached. “We have determined that the data in question is on a public-facing DevHub environment—a Cisco resource center that enables us to support our community by making available…

    Read More »
  • Blog

    Cisco confirms investigation amid data breach claims

    Cisco has confirmed it’s investigating reports a hacker accessed networks and stole files, leaking them online, but says it has found no evidence so far. The hacker, known as “IntelBroker”, made the claim on BreachForums, a black-hat hacking site, suggesting the data was stolen on October 6, 2024. “Today, I am selling the Cisco breach that recently happened (6/10/2024). Breached…

    Read More »
  • Blog

    Cisco investigates breach after stolen data for sale on hacking forum

    Cisco has confirmed to BleepingComputer that it is investigating recent claims that it suffered a breach after a threat actor began selling allegedly stolen data on a hacking forum. “Cisco is aware of reports that an actor is alleging to have gained access to certain Cisco-related files,” a Cisco spokesperson told BleepingComputer. “We have launched an investigation to assess this claim, and…

    Read More »
Back to top button
close