Cisco

“Patched” but still exposed: US federal agencies must remediate Cisco flaws (again)

“Patched” but still exposed: US federal agencies must remediate Cisco flaws (again) 2025-11-13 at 17:14 By Zeljka Zorz CISA has ordered US federal agencies to fully address two actively exploited vulnerabilities (CVE-2025-20333, CVE-2025-20362) in Cisco Adaptive Security Appliances (ASA) and Firepower firewalls. “In CISA’s analysis of agency-reported data, CISA has identified devices marked as ‘patched’ […]

“Patched” but still exposed: US federal agencies must remediate Cisco flaws (again) Read More »

CISA Updates Guidance on Patching Cisco Devices Targeted in China-Linked Attacks

CISA Updates Guidance on Patching Cisco Devices Targeted in China-Linked Attacks 2025-11-13 at 17:14 By Ionut Arghire Federal agencies have reported as ‘patched’ ASA or FTD devices running software versions vulnerable to attacks. The post CISA Updates Guidance on Patching Cisco Devices Targeted in China-Linked Attacks appeared first on SecurityWeek. This article is an excerpt

CISA Updates Guidance on Patching Cisco Devices Targeted in China-Linked Attacks Read More »

Cisco ISE, CitrixBleed 2 Vulnerabilities Exploited as Zero-Days: Amazon

Cisco ISE, CitrixBleed 2 Vulnerabilities Exploited as Zero-Days: Amazon 2025-11-13 at 11:57 By Ionut Arghire Amazon has seen a threat actor exploiting CVE-2025-20337 and CVE-2025-5777, two critical Cisco and Citrix vulnerabilities, as zero-days. The post Cisco ISE, CitrixBleed 2 Vulnerabilities Exploited as Zero-Days: Amazon appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Cisco ISE, CitrixBleed 2 Vulnerabilities Exploited as Zero-Days: Amazon Read More »

Cisco fixes critical UCCX flaws, patch ASAP! (CVE-2025-20358, CVE-2025-20354)

Cisco fixes critical UCCX flaws, patch ASAP! (CVE-2025-20358, CVE-2025-20354) 2025-11-06 at 17:16 By Zeljka Zorz Cisco has fixed two critical vulnerabilities (CVE-2025-20358, CVE-2025-20354) affecting Unified Contact Center Express (UCCX), which may allow attackers to bypass authentication, compromise vulnerable installations, and elevate privileges to root. The good news is that there is currently no evidence of

Cisco fixes critical UCCX flaws, patch ASAP! (CVE-2025-20358, CVE-2025-20354) Read More »

Cisco Patches Critical Vulnerabilities in Contact Center Appliance

Cisco Patches Critical Vulnerabilities in Contact Center Appliance 2025-11-06 at 14:50 By Ionut Arghire The flaws allow attackers to execute arbitrary code remotely and elevate their privileges to root on an affected system. The post Cisco Patches Critical Vulnerabilities in Contact Center Appliance appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Cisco Patches Critical Vulnerabilities in Contact Center Appliance Read More »

Cisco’s platform enhancements strengthen security for MSPs

Cisco’s platform enhancements strengthen security for MSPs 2025-11-04 at 11:54 By Industry News Cisco announced a significant platform advancement designed to empower MSPs to deliver security services. This innovation adds foundational multi-customer management capabilities within Security Cloud Control, Cisco’s unified, AI-powered management platform. This console leverages advanced AIOps and AgenticOps to enable organizations to centrally

Cisco’s platform enhancements strengthen security for MSPs Read More »

New Cisco solutions bring speed, security, and automation to distributed AI networks

New Cisco solutions bring speed, security, and automation to distributed AI networks 2025-11-04 at 10:01 By Industry News Cisco is introducing innovations to modernize campus, branch, and industrial networks to support the growing use of AI. Its solutions simplify operations, scale with evolving business needs, and enhance security, all of which are critical to unlocking

New Cisco solutions bring speed, security, and automation to distributed AI networks Read More »

Hackers used Cisco zero-day to plant rootkits on network switches (CVE-2025-20352)

Hackers used Cisco zero-day to plant rootkits on network switches (CVE-2025-20352) 2025-10-17 at 15:29 By Zeljka Zorz Threat actors have leveraged a recently patched IOS/IOS XE vulnerability (CVE-2025-20352) to deploy Linux rootkits on vulnerable Cisco network devices. “The operation targeted victims running older Linux systems that do not have endpoint detection response solutions,” Trend Micro

Hackers used Cisco zero-day to plant rootkits on network switches (CVE-2025-20352) Read More »

Cisco Routers Hacked for Rootkit Deployment

Cisco Routers Hacked for Rootkit Deployment 2025-10-16 at 14:17 By Ionut Arghire Threat actors are exploiting CVE-2025-20352, a recent Cisco zero-day, to deploy a rootkit on older networking devices. The post Cisco Routers Hacked for Rootkit Deployment appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Cisco Routers Hacked for Rootkit Deployment Read More »

Everyone wants AI, but few are ready to defend it

Everyone wants AI, but few are ready to defend it 2025-10-16 at 08:05 By Anamarija Pogorelec The rush to deploy AI is reshaping how companies think about risk, according to Cisco. A global study finds that while most organizations are moving quickly to adopt AI, many are not ready for the pressure it puts on

Everyone wants AI, but few are ready to defend it Read More »

Cisco, Fortinet, Palo Alto Networks Devices Targeted in Coordinated Campaign

Cisco, Fortinet, Palo Alto Networks Devices Targeted in Coordinated Campaign 2025-10-10 at 15:49 By Ionut Arghire GreyNoise has discovered that attacks exploiting Cisco, Fortinet, and Palo Alto Networks vulnerabilities are launched from the same infrastructure. The post Cisco, Fortinet, Palo Alto Networks Devices Targeted in Coordinated Campaign appeared first on SecurityWeek. This article is an

Cisco, Fortinet, Palo Alto Networks Devices Targeted in Coordinated Campaign Read More »

Legit tools, illicit uses: Velociraptor, Nezha turned against victims

Legit tools, illicit uses: Velociraptor, Nezha turned against victims 2025-10-09 at 19:19 By Zeljka Zorz Threat actors are using an increasing variety of commercial and open-source products to carry out their attacks: according to researchers, Velociraptor and Nezha are the latest additions to their attack toolbox. Velociraptor misuse A suspected China-based ransomware threat actor has

Legit tools, illicit uses: Velociraptor, Nezha turned against victims Read More »

Too many Cisco ASA firewalls still unsecure despite zero-day attack alerts

Too many Cisco ASA firewalls still unsecure despite zero-day attack alerts 2025-10-01 at 13:36 By Zeljka Zorz Despite Cisco and various cybersecurity agencies warning about attackers actively exploting zero-day vulnerabilities (CVE-2025-20333 and CVE-2025-20362) in Cisco Adaptive Security Appliances (ASA) for months, there are still around 48,000 vulnerable appliances out there. The number is provided by

Too many Cisco ASA firewalls still unsecure despite zero-day attack alerts Read More »

Cisco ASA zero-day vulnerabilities exploited in sophisticated attacks

Cisco ASA zero-day vulnerabilities exploited in sophisticated attacks 2025-09-26 at 14:19 By Zeljka Zorz A widespread campaign aimed at breaching organizations via zero-day vulnerabilities in Cisco Adaptive Security Appliances (ASA) has been revealed by the US, UK, Canadian and Australian cybersecurity agencies. The suspected state-sponsored threat actor behind it is believed to be the one

Cisco ASA zero-day vulnerabilities exploited in sophisticated attacks Read More »

Cisco Firewall Zero-Days Exploited in China-Linked ArcaneDoor Attacks

Cisco Firewall Zero-Days Exploited in China-Linked ArcaneDoor Attacks 2025-09-26 at 10:20 By Ionut Arghire Leading to remote code execution and privilege escalation, the flaws were exploited on Cisco ASA 5500-X series devices that lack secure boot. The post Cisco Firewall Zero-Days Exploited in China-Linked ArcaneDoor Attacks appeared first on SecurityWeek. This article is an excerpt

Cisco Firewall Zero-Days Exploited in China-Linked ArcaneDoor Attacks Read More »

Cisco fixes IOS/IOS XE zero-day exploited by attackers (CVE-2025-20352)

Cisco fixes IOS/IOS XE zero-day exploited by attackers (CVE-2025-20352) 2025-09-25 at 15:33 By Zeljka Zorz Cisco has fixed 14 vulnerabilities in IOS and IOS XE software, among them CVE-2025-20352, a high-severity vulnerability that has been exploited in zero-day attacks. About CVE-2025-20352 Cisco IOS software can be found on older models of Cisco Catalyst switches, Integrated

Cisco fixes IOS/IOS XE zero-day exploited by attackers (CVE-2025-20352) Read More »

Cisco Patches Zero-Day Flaw Affecting Routers and Switches

Cisco Patches Zero-Day Flaw Affecting Routers and Switches 2025-09-25 at 11:46 By Ionut Arghire The security defect allows remote attackers with administrative privileges to execute arbitrary code as the root user. The post Cisco Patches Zero-Day Flaw Affecting Routers and Switches appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Cisco Patches Zero-Day Flaw Affecting Routers and Switches Read More »

Cisco Patches High-Severity IOS XR Vulnerabilities

Cisco Patches High-Severity IOS XR Vulnerabilities 2025-09-11 at 17:37 By Ionut Arghire High-severity flaws in IOS XR could lead to ISO image verification bypass and denial-of-service conditions. The post Cisco Patches High-Severity IOS XR Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Cisco Patches High-Severity IOS XR Vulnerabilities Read More »

Cisco puts agentic AI at the core of Splunk Enterprise Security

Cisco puts agentic AI at the core of Splunk Enterprise Security 2025-09-09 at 16:51 By Industry News Cisco introduced Splunk Enterprise Security Essentials Edition and Splunk Enterprise Security Premier Edition, providing customers two agentic AI-powered SecOps options that unify security workflows across threat detection, investigation, and response (TDIR). Delivered within Splunk Enterprise Security 8.2, these

Cisco puts agentic AI at the core of Splunk Enterprise Security Read More »

Scroll to Top