The agency, which issued an emergency directive to federal agencies Thursday, said it took months to determine the root cause and mitigate the activity.
Cisco said it was investigating state-sponsored espionage attacks in May. CISA did not explain why it waited four months to issue an emergency directive.
Cisco Systems, Inc. logo and lettering can be seen on the Cisco Systems GmbH headquarters building in Garching near Munich (Bavaria). Cisco is a US company from the telecommunications industry and is primarily known for its routers and switches. (Photo by Matthias Balk/picture alliance via Getty Images)
Cisco Systems has issued security updates to address a critical vulnerability in its widely deployed IOS and IOS XE network operating systems, after confirming the flaw is…
Cisco security experts argue that the solution to rising internal cyber risks isn't just about blocking bad actors but enabling unwitting employees with invisible security, precise policies,…
The vulnerability, which Cisco said it discovered during internal security testing, could allow unauthenticated attackers to execute high-privilege commands.
The software defects, which have a maximum-severity rating, do not require authentication and allow remote attackers to execute code arbitrarily on the underlying system.
The network security device vendor is making a regular appearance on CISA’s known exploited vulnerabilities catalog. Unlike its competitors, SonicWall hasn’t signed the secure-by-design pledge.
AWS, Microsoft Azure and Google Cloud Platform each scored 0% security effectiveness in CyberRatings.org’s evaluation of cloud network firewall vendors’ ability to prevent exploits and evasions.