Cisco Fixes Bug Affecting ASA and Firepower Solutions
By MYBRANDBOOK
Cisco has confirmed a breach of its network, the Yanluowang ransomware group breached its corporate network in late May 2022 and that the actor tried to extort them under the threat of leaking stolen files online, where the attacker used voice phishing to convince an employee to accept a malicious multifactor authentication (MFA) push.
The breach resulted in cyberattackers gaining access to the company's virtual private network (VPN) and the theft of an unspecified number of files from its network. However, Cisco took immediate measures, to contain and eradicate the bad actors.
Cisco did not identify any impact to our business as a result of this incident, including Cisco products or services, sensitive customer data or sensitive employee information, intellectual property, or supply chain operations. On August 10 the bad actors published a list of files from this security incident to the dark web. We have also implemented additional measures to enhance the security our systems and are sharing technical details to help protect the wider security community.
Cisco on Wednesday released patches to contain multiple flaws in its software that could be abused to leak sensitive information on susceptible appliances. The issue, assigned the identifier CVE-2022-20866 (CVSS score: 7.4), has been described as a "logic error" when handling RSA keys on devices running Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software.
Every cybersecurity incident is an opportunity to learn, strengthen our resilience, and help the wider security community. Cisco has updated its security products with intelligence gained from observing the bad actor’s techniques, shared Indicators of Compromise (IOCs) with other parties, reached out to law enforcement and other partners, and is sharing further technical details via a Talos blog to help cyber defenders learn from our observations.
BHIM to join e-commerce, competing with PhonePe and Google Pay
The government-supported payment software BHIM is getting ready to join t...
The latest version of X helps prevent deepfakes on social medi
To combat deepfakes and shallowfakes, Elon Musk revealed a new update t...
India and Namibia collaborate on a payment system similar to U
Once operational, the platform will enable digital transactions in Namibia,...
Sebi issues show-cause notices to six Adani group firms
Sebi issued show-cause notices to six Adani Group firms, including Adani ...
EXIDE INDUSTRIES LTD.
IBALL WORLDWIDE PVT. LTD.
VERSA NETWORKS INDIA PVT. LTD.
LUMINOUS POWER TECHNOLOGIES PVT. LTD.
Technology Icons Of India 2023: Honorary Prof. N. Balakrishnan
Prof. N. Balakrishnan is an Indian aerospace and computer scientist. H...
Technology Icons Of India 2023: Kumar Mangalam Birla
Aditya Birla Group chairman Kumar Mangalam Birla’s return to Vodafon...
Technology Icons Of India 2023: Amitabh Kant
Amitabh Kant is presently the G20 Sherpa of India during its Presidenc...
TCIL continues to strengthen India with its technology expertise
TCIL undertakes consultancy & turnkey projects in the field of Telecom...
CSCs enabling rural India digitally empowered
Common service centres (CSCs) are digital access points under the Digi...
STPI encouraging software exports from India
Software Technology Parks of India (STPI) is an S&T organization under...
SONATA INFORMATION TECHNOLOGY LIMITED
Sonata Software Limited is a leading Modernization engineering company...
B D SOFTWARE
BD Software is the distributor of IT security solutions in India. The ...
EXCLUSIVE NETWORKS SALES INDIA PVT. LTD.
Exclusive Networks is a globally trusted cybersecurity specialist hel...