Mandiant firm has spotted more than a dozen Cisco routers running malicious ROMMON firmware images that allow attackers to control targeted devices. A few weeks ago, CISCO issued an alert to warn enterprise customers about a spike in attacks in which hackers use valid admin credentials on IOS devices to install bogus ROMMON images, which is the bootstrap […]
Cisco Unified CDM software contains a privileged account with a static password that cannot be changed, by using it an attacker can control the platform. A default privileged account with a static password that cannot be changed affect the  Cisco Unified Communications Domain Manager (Cisco Unified CDM) opening the platform for remote attacks. The Cisco […]
Security experts at Cisco revealed the existence of a default SSH key in many security appliances, an attacker can exploit it to control the devices. Security experts at Cisco discovered default SSH Key in many Cisco security appliances, an attacker could use them to establish SSH connection and control the devices. The abuse of the […]
Chris Watts discovered a security flaw affecting some models of Cisco IP Phones that could be exploited to eavesdrop on conversations and make phone calls. Some models of Cisco IP phones for small businesses are affected by a vulnerability, coded as CVE-2015-0670 that could be exploited by a remote attacker to eavesdrop on conversations and make phone calls […]
Cisco Security Team has spotted in the wild a new Point-of-Sale malware dubbed PoSeidon that is more sophisticated than previously detected PoS malware. Expert at Cisco have discovered a new Point-of-Sale (PoS)  malware dubbed PoSeidon. The experts have discovered many similarities with the popular Zeus Trojan and use sophisticated methods to find card data respect other POS malware like BlackPoS, which was used […]
Expert at Cisco discovered a privacy breach caused by a software problem, which exposed personal information of users that opted for privacy setting. A software problem occurred at Google have exposed personal information of users that registered their website and had chosen to keep their profile private. The flaw affected the whois database that contains contact […]
Experts at Cisco discovered a new technique dubbed Domain Shadowing consisting in the creation of thousand subdomains used to spread the Angler exploit kit Cyber criminals have used hundreds of legitimate domain name accounts registered through GoDaddy to run a malicious campaign using the popular Angler exploit kit. Crooks hacked domain name accounts in order […]
Cisco experts discovered a phishing campaign that is spreading fake Volume License Trojan Chanitor to corporate users and is able to evade sandboxes. A few weeks ago, multiple Cisco Managed Threat Defense (MTD) customers received an email that appeared as sent by the Microsoft Volume Licensing Service Center (VLSC), which contains a link to login to the […]
Researchers at BlackHat discovered a Denial of Service Vulnerability in Cisco IOS Software and Cisco IOS XE Software EnergyWise. Researchers from ERNW GMBH revealed that misconfigurations and vulnerabilities in Cisco’s EnergyWise suite could be exploited by attackers to cause huge blackouts. The team has presented the results of their study during the last Black Hat  conference […]
Multiple Cisco Wireless Residential Gateway products are affected by a critical flaw that could allow a remote attacker to hijack the devices. A security vulnerability affects multiple Cisco wireless residential Gateway products, the flaw resides on the web server an could be exploited by a remote attacker to hijack the network appliance. The flaw, ranked […]