Cisco Tag

Russian APT28 hackers, also known as Fancy Bear and other aliases, have been targeting unpatched Cisco routers in a malware operation since 2021.   The UK National Cyber Security Centre (NCSC) and the US' National Security Agency, Cybersecurity and Infrastructure Security Agency, and the FBI issued a joint advisory outlining the APT28 exploitation tactics. The attackers exploited CVE-2017-6742, a bug in the Simple Network Management Protocol (SNMP)...

Read More

Cisco has released software fixes for multiple versions of firmware running on some of its IP phones, the company announced in an advisory. The advisory covers two vulnerabilities that affect six products, including the 6800 series, 7800 series, and 8800 series phones running the company’s multiplatform firmware.   The first vulnerability, CVE-2023-20078 (CVSS score 9.8), allows an unauthenticated remote attacker to send a crafted request to the...

Read More

A new financially motivated campaign that commenced in December 2022 has seen the unidentified threat actor behind it deploying a novel ransomware strain dubbed MortalKombat and a clipper malware known as Laplas. Cisco Talos said it "observed the actor scanning the internet for victim machines with an exposed remote desktop protocol (RDP) port 3389." The attacks, per the cybersecurity company,...

Read More