securityaffairs, 7 months ago to cisco Italian

#Cisco warns of active exploitation of IOS XE #zeroday
https://securityaffairs.com/152552/hacking/cisco-ios-xe-zero-day.html
#securityaffairs #hacking

simontsui, 7 months ago to cisco

Cisco Security Advisory: Actively exploited Zero-Day CVE-2023-20198 Cisco IOS XE Software Web UI Privilege Escalation Vulnerability. "Cisco is aware of active exploitation of a previously unknown vulnerability in the web UI feature of Cisco IOS XE Software when exposed to the internet or to untrusted networks. This vulnerability allows a remote, unauthenticated attacker to create an account on an affected system with privilege level 15 access. The attacker can then use that account to gain control of the affected system."

Link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-webui-privesc-j22SaA4z

Tags: #CVE202320198 #Cisco #zeroday #eitw #activeexploitation cc: @dangoodin @avoidthehack @campuscodi

governa, 7 months ago to cisco

#Cisco Can’t Stop Using Hard-Coded Passwords ⚠️

https://www.schneier.com/blog/archives/2023/10/cisco-cant-stop-using-hard-coded-passwords.html

br00t4c, 8 months ago to cisco

Cisco Can't Stop Using Hard-Coded Passwords

#cisco

https://www.schneier.com/blog/archives/2023/10/cisco-cant-stop-using-hard-coded-passwords.html

br00t4c, 8 months ago to cisco

Cisco warns of critical flaw in Emergency Responder code

#cisco

https://go.theregister.com/feed/www.theregister.com/2023/10/05/cisco_icritical_emergency/

kurtseifried, 8 months ago to cisco

I was looking at bot activity, and we have a bot with the user agent of just "curl" hitting the front page repeatedly. It is using an IP (193.247.73.226) in Moscow that has the reverse DNS "a3-docker7-svo.v6.ag1.thousandeyes.com" which maps back to the IP, so it's legitimate, and is owned by #cisco it would appear:

https://tools.keycdn.com/geo?host=193.247.73.226

So in simple terms: why is the Cisco #ThousandEyes service repeatedly hitting my front page? Is anyone else seeing this?

Whether working in the office, logging in from home, or a bit of both, you’ll be part of a critical mission: to improve the quality of the Internet to improve the quality of life. As part of Cisco, ThousandEyes is a certified Great Place to Work with regional, national, and international recognition. Come join our team!

ij, 8 months ago to random German

Auch spannend:

Frueher gab es Videokonferenzsysteme auf Basis von SIP/H323.

Dann dachte irgendjemand, dass es eine tolle Idee sei, dass man ja auch den Browser nehmen koennte (WebRTC).

Dann ging der Hype-Cycle los und alle Welt stuerzte sich auf WebRTC als kostengünstige Webkonferenzlösung.

In Folge dessen verlor SIP teilweise an Bedeutung, gerade in der Pandemie.

Jetzt gruessen mich viele Webkonferenzen mit "Laden sie doch die App runter!"

Welch Fortschritt! Nicht.

geekymalcolm, 8 months ago to cisco

#Cisco Releases Security Advisories for Multiple Products

https://www.cisa.gov/news-events/alerts/2023/10/05/cisco-releases-security-advisories-multiple-products

#PatchYourShit

jrt, 8 months ago to cisco

Getting owned by a tool called "Emergency Responder" has some serious Oceans Eleven vibes!

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cer-priv-esc-B9t3hqk9
#Cisco #security

heisec, 8 months ago to cisco German

Notruf-Tool Cisco Emergency Responder mit statischen Zugangsdaten

Der Netzwerkausrüster Cisco hat für mehrere Produkte wichtige Sicherheitsupdates veröffentlicht.

https://www.heise.de/news/Notruf-Tool-Cisco-Emergency-Responder-mit-statischen-Zugangsdaten-9325669.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege

#Cisco #Sicherheitslücken #news

patrickcmiller, 8 months ago to random

Cisco urges to patch actively exploited IOS zero-day CVE-2023-20109 https://securityaffairs.com/151647/hacking/cisco-cve-2023-20109-actively-exploited.html

Freemind, 8 months ago to cisco

According to Cisco, this flaw could be exploited by an authenticated remote attacker with administrative control over a group member or a key server.

#Cisco #Cybersecurity #Vulnerabilities

https://cybersec84.wordpress.com/2023/09/29/cisco-issues-security-advisory-for-ios-and-ios-xe-software-after-exploitation-attempts/

geekymalcolm, 8 months ago to cisco

#Cisco Releases Security Advisories for Multiple Products

https://www.cisa.gov/news-events/alerts/2023/09/28/cisco-releases-security-advisories-multiple-products

#PatchYourShit

xro, 8 months ago to cisco

nice story. Never have your core infrastructure depend on licenses!

https://blog.fefe.de/?ts=9be8642a

#cisco #saas

heisec, 8 months ago to cisco German

Jetzt patchen! Attacken auf Netzwerkgeräte von Cisco beobachtet

Cisco hat unter anderem eine kritische Lücke in Catalyst SD-WAN geschlossen. Außerdem gibt es Sicherheitsupdates für weitere Produkte.

https://www.heise.de/news/Jetzt-patchen-Attacken-auf-Netzwerkgeraete-von-Cisco-beobachtet-9320947.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege

#Cisco #iOS #Sicherheitslücken #Updates #news

stdevel, 8 months ago to cisco German

Auch im September ist wieder viel passiert: #Cisco kauft Splunk und OpenTF wandert als OpenTofu unter den Deckmantel der #Linux Foundation. LTS-Kernel sollen zukünftig nur für 2 statt 6 Jahre gepflegt werden. Google feiert das 25-jährige Bestehen und Chrome verärgert erneut mit FLoC. GitLab arbeitet an ActivityPub-Support. GNOME 45 und Fedora 39 Beta erscheinen und #openSUSE stellt mit Slowroll eine neue Distribution vor.

https://focusonlinux.podigee.io/67-newsupdate-0923-postgresql-16-hashicorp-opensuse-slowroll-gnome-45-linux-lts-kernel

#Chameleonaire #FocusOnLinux #Podcast

securityaffairs, 8 months ago to China Italian

#China-linked #APT #BlackTech was spotted hiding in #Cisco #router firmware
https://securityaffairs.com/151587/apt/blacktech-backdoor-cisco-router-firmware.html
#securityaffairs #hacking

derPUPE, 8 months ago to cisco German

I guess #Cisco got tired
of #splunk licensing costs

br00t4c, 8 months ago to cisco

Cisco Buys Splunk for $28 Billion in Massive AI-Powered Data Bet

#cisco

https://slashdot.org/story/23/09/21/1545246/cisco-buys-splunk-for-28-billion-in-massive-ai-powered-data-bet

brett, 8 months ago to cisco

#Cisco makes largest ever acquisition, buying cybersecurity company #Splunk for $28 billion in cash.

https://www.cnbc.com/2023/09/21/cisco-acquiring-splunk-for-157-a-share-in-cash.html

Cisco to Buy Splunk for $28 Billion in Giant AI-Powered Data Bet (Paywalled) (www.bloomberg.com)

Cisco Systems Inc. agreed to buy cybersecurity company Splunk Inc. in a deal valued at about $28 billion, creating one of the world’s largest software companies.The combination will help make companies more resilient to cybersecurity threats, according to the statement....

br00t4c, 8 months ago to cisco

Cisco spends $28B on data cruncher Splunk in cybersecurity push

#cash #cisco

https://go.theregister.com/feed/www.theregister.com/2023/09/21/cisco_acquires_data_crunching_firm/

PCzanik, 8 months ago to cisco

Wow, #Cisco is buying #Splunk:

https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2023/m09/cisco-to-acquire-splunk-to-help-make-organizations-more-secure-and-resilient-in-an-ai-powered-world.html

Splunk is one of the most popular destinations in syslog-ng. I wonder how this acquisition will influence this. Will it make Splunk even stronger, or other log #analytics tools get now a chance? #LogManagement

bitprophet, 8 months ago to cisco

OH, re: #Cisco buying #Splunk: “Seems like a good acquisition, in that no one expects innovation from either company” 🤣