The Cisco Talos security team has released information about a new campaign of attackers targeting mass account compromise. Specialists have recorded countless login attempts to gain unauthorized access to web infrastructure, particularly SSH servers, VPN clients and web applications. This is alarming and frightening for both big companies and home users. Cisco Reports Massive Brute… Continue reading Cisco Talos Warns of a Massive Brute Force Wave
Tag: Cisco
Cisco Unity Connection Vulnerability Enables Root Access
Cisco has recently addressed a significant security vulnerabilit in its Unity Connection softwarey, identified as CVE-2024-20272. This flaw poses a critical risk as it allows unauthenticated attackers to gain root privileges on affected systems. The update is already available and is recommended for installation as soon as possible. Vulnerability in Cisco Unity Connection Allows for… Continue reading Cisco Unity Connection Vulnerability Enables Root Access
Logs of Internal Chats of the Russian Hacker Group Yanluowang Leaked to the Network
Information security experts report a hack of the Yanluowang hacker group, which compromised Cisco this summer. According to experts, internal chats of the group leaked to the network, showing that Yanluowang consists of Russian-speaking members. KELA analysts write that the latest leak contains hack group chats dated January-September 2022, all communication in which took place… Continue reading Logs of Internal Chats of the Russian Hacker Group Yanluowang Leaked to the Network
Ransomware publishes data stolen from Cisco
The Yanluowang hack group published data stolen from Cisco back in May 2022. Cisco representatives acknowledged that the data leak took place, but still insist that the incident did not affect the company’s business in any way. Let me remind you that last month, Cisco representatives confirmed that back in May, the company’s corporate network… Continue reading Ransomware publishes data stolen from Cisco
Cisco Hack Is Linked to Russian-Speaking Hackers from Evil Corp
Experts from eSentire established that the infrastructure used to hack Cisco in May 2022 was exploited to compromise an unnamed HR solutions company a month earlier. Researchers believe that malicious actors associated with Evil Corp. are behind these incidents. Let me remind you that we also said that Cisco Won’t Fix an RCE Vulnerability in… Continue reading Cisco Hack Is Linked to Russian-Speaking Hackers from Evil Corp
Cisco Won’t Fix an RCE Vulnerability in Old RV Routers
A 9.8/10 RCE Vulnerability in Old Cisco RV Routers Will Not Be Patched Cisco will not patch the zero-day CVE-2022-20825 vulnerability on end-of-life devices. The affected devices are Small Business RV routers (mobile routers for recreational vehicles and boats.) The specific vulnerable models are RV110W Wireless-N VPN Firewall, RV130 VPN Router, RV130W Wireless-N Multifunction VPN… Continue reading Cisco Won’t Fix an RCE Vulnerability in Old RV Routers
Microsoft Says Over 1,000 Developers Worked on SolarWinds Attack
In an interview with CBSNews, Microsoft President Brad Smith said the recent attack on SolarWinds was “the largest and most sophisticated he has ever seen.” According to him, the analysis of the hack carried out by the company’s specialists suggests that more than 1,000 developers worked on this attack. At the same time, Smith says… Continue reading Microsoft Says Over 1,000 Developers Worked on SolarWinds Attack
Experts discovered SolarLeaks website with data stolen in a recent massive hacker attack
Bleeping Computer reports the discovery of the SolarLeaks website (solarleaks[.]net), where unidentified individuals claim to be selling data allegedly stolen from SolarWinds, Microsoft, Cisco, and FireEye during a recent supply chain attack. Just to recap, in December 2020, it was revealed that unknown hackers attacked SolarWinds, infecting its Orion platform with malware. Out of the… Continue reading Experts discovered SolarLeaks website with data stolen in a recent massive hacker attack
Microsoft says SolarWinds hackers hunted for access to cloud resources
Microsoft continues to investigate the supply chain attack that SolarWinds and its customers have suffered this year. Microsoft analysts reported that SolarWinds hackers were hunting for access to cloud resources. Let me remind you that unknown hackers attacked SolarWinds and infected its Orion platform with malware. Among the victims were such giants as Microsoft, Cisco,… Continue reading Microsoft says SolarWinds hackers hunted for access to cloud resources