Cisco
-
Blog
Cisco fixes max severity IOS XE flaw letting attackers hijack devices
Cisco has fixed a maximum severity flaw in IOS XE Software for Wireless LAN Controllers by a hard-coded JSON Web Token (JWT) that allows an unauthenticated remote attacker to take over devices. This token is meant to authenticate requests to a feature called ‘Out-of-Band AP Image Download.’ Since it’s hard-coded, anyone can impersonate an authorized user without credentials. The vulnerability is…
Read More » -
Blog
96% of businesses have low cyber-readiness, claims Cisco
Businesses worldwide are still unprepared for a myriad of cyber attacks, according to the latest Cisco Cybersecurity Readiness Index. The networking specialist categorizes companies’ cyber readiness as Mature, Progressive, Formative, and Beginner based on what it considers to be the five most important pillars of cybersecurity for businesses today. These include: Identity Intelligence Machine Trustworthiness Network Resilience Cloud Reinforcement AI…
Read More » -
Blog
Cisco takes aim at AI security at RSAC with ServiceNow partnership
Cisco and ServiceNow have kicked off RSAC Conference 2025 in San Francisco by announcing a new aspect of their seven-year collaboration. It brings together the former’s AI Defense product with the latter’s SecOps, with the companies claiming the integration will provide “more holistic AI risk management and governance”. Speaking ahead of the announcement, Cisco’s EVP and chief product officer Jeetu…
Read More » -
Blog
Westcon-Comstor unveils new managed SOC solution for Cisco partners
Westcon-Comstor has announced the launch of a new managed security operations center (SOC) solution, available via its Cisco-focused Comstor arm. The solution is the first managed SOC offering launched by the distribution giant and the first to be powered by Cisco’s extended detection and response (XDR) capabilities. With the Managed XDR SOC, Comstor said partners across the EMEA region will…
Read More » -
Blog
Cisco Webex bug lets hackers gain code execution via meeting links
Cisco has released security updates for a high-severity Webex vulnerability that allows unauthenticated attackers to gain client-side remote code execution using malicious meeting invite links. Tracked as CVE-2025-20236, this security flaw was found in the Webex custom URL parser and can be exploited by tricking users into downloading arbitrary files, which lets threat actors execute arbitrary commands on systems running…
Read More » -
Blog
Cisco names Oliver Tuszik as global sales chief
Networking and connectivity giant Cisco has announced the appointment of Oliver Tuszik as its new executive vice president of global sales. Tuszik will join Cisco’s executive leadership team from April 27, formally replacing Gary Steele, whose departure was first announced by the firm back in February. A long-time company veteran, Tuszik has spent more than a decade at Cisco and…
Read More » -
Blog
Critical Cisco Smart Licensing Utility flaws now exploited in attacks
Attackers have started targeting Cisco Smart Licensing Utility (CSLU) instances unpatched against a vulnerability exposing a built-in backdoor admin account. The CSLU Windows application allows admins to manage licenses and linked products on-premises without connecting them to Cisco’s cloud-based Smart Software Manager solution. Cisco patched this security flaw (tracked as CVE-2024-20439) in September, describing it as “an undocumented static user…
Read More » -
Blog
Cisco unveils new agentic AI tools to improve customer and employee experience
Cisco wants its new agentic AI tools to anticipate the needs of staff and customers alike as the firm unveils a new suite of agentic offerings. The tech giant has announced the general availability of the Webex AI Agent, a tool targeted at customer service, as well as other solutions for collaboration devices and employee experiences. “Cisco is driving toward…
Read More » -
Blog
Cisco IOS XR vulnerability lets attackers crash BGP on routers
Cisco has patched a denial of service (DoS) vulnerability that lets attackers crash the Border Gateway Protocol (BGP) process on IOS XR routers with a single BGP update message. IOS XR runs on the company’s carrier-grade, Network Convergence System (NCS), and Carrier Routing System (CRS) series of routers, such as the ASR 9000, NCS 5500, and 8000 series. This high-severity flaw (tracked as CVE-2025-20115) was found…
Read More » -
Blog
Cisco warns of Webex for BroadWorks flaw exposing credentials
Cisco warned customers today of a vulnerability in Webex for BroadWorks that could let unauthenticated attackers access credentials remotely. Webex for BroadWorks integrates Cisco Webex’s video conferencing and collaboration features with the BroadWorks unified communications platform. While the company has yet to assign a CVE ID to track this security issue, Cisco says in a Tuesday security advisory that it already pushed…
Read More »