CISA says it observed nearly year-old activity tied to Cisco zero-day attacks
The agency, which issued an emergency directive to federal agencies Thursday, said it took months to determine the root cause and mitigate the activity.
Advertisement
Cisco
CISA alerts federal agencies of widespread attacks using Cisco zero-days
Cisco said it was investigating state-sponsored espionage attacks in May. CISA did not explain why it waited four months to issue an emergency directive.
Cisco uncovers new SNMP vulnerability used in attacks on IOS devices
Cisco Systems has issued security updates to address a critical vulnerability in its widely deployed IOS and IOS XE network operating systems, after confirming the flaw is…
Three proactive strategies for defending against insider threats
Cisco security experts argue that the solution to rising internal cyber risks isn't just about blocking bad actors but enabling unwitting employees with invisible security, precise policies,…
Cisco discloses maximum-severity defect in firewall software
The vulnerability, which Cisco said it discovered during internal security testing, could allow unauthenticated attackers to execute high-privilege commands.
Cisco network access security platform vulnerabilities under active exploitation
The software defects, which have a maximum-severity rating, do not require authentication and allow remote attackers to execute code arbitrarily on the underlying system.
Advertisement
Olivia Rose on why the CISO role may not be the pinnacle of security work
Olivia Rose, Founder and CISO of the Rose CISO Group
SonicWall customers confront resurgence of actively exploited vulnerabilities
The network security device vendor is making a regular appearance on CISA’s known exploited vulnerabilities catalog. Unlike its competitors, SonicWall hasn’t signed the secure-by-design pledge.
Is Ivanti the problem or a symptom of a systemic issue with network devices?
Exploited vulnerabilities have turned up in Ivanti products 16 times since 2024. That’s more than any other vendor in the network edge device space.
Independent tests show why orgs should use third-party cloud security services
AWS, Microsoft Azure and Google Cloud Platform each scored 0% security effectiveness in CyberRatings.org’s evaluation of cloud network firewall vendors’ ability to prevent exploits and evasions.