CyberSecurityBoard
Sponsor Register Login

100+ Malicious IPs Actively Exploiting Vulnerabilities in Cisco Devices

The Cybersecurity and Infrastructure Security Agency (CISA) has released guidance for addressing the Cisco IOS XE Web UI vulnerabilities, noting that CVE-2023-20198 is a privilege escalation vulnerability in the web UI feature of Cisco’s IOS XE software affecting both physical and virtual devices that have the HTTP or HTTPS Server feature enabled. The Chinese state-sponsored group Salt Typhoon (aka RedMike) has systematically targeted global telecom providers since 2021, blending credential theft with vulnerability exploitation. State-Aligned Activity: Chinese group Salt Typhoon leveraged both vulnerabilities to breach five telecom networks, maintaining access for over three years in one instance. Between December 2024 and January 2025, Salt Typhoon exploited these CVEs to compromise a U.S. ISP, a U.K. telecom affiliate, and providers in South Africa and Thailand. CVE-2018-0171: Two IPs from Switzerland and the U.S. targeted this legacy Smart Install flaw from December 2024 to January 2025, coinciding with Salt Typhoon’s telecom attacks. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis.

This Cyber News was published on cybersecuritynews.com. Publication date: Tue, 25 Feb 2025 04:35:18 +0000


Cyber News related to 100+ Malicious IPs Actively Exploiting Vulnerabilities in Cisco Devices

CVE-2022-49069 - In the Linux kernel, the following vulnerability has been resolved: ...
2 months ago
Check Point released hotfix for actively exploited VPN zero-day - MUST READ. Check Point released hotfix for actively exploited VPN zero-day. Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days. Critical Fortinet's FortiClient EMS flaw actively exploited in the wild. Apple ...
11 months ago Securityaffairs.com CVE-2024-23222 CVE-2023-22515 CVE-2023-40044 CVE-2023-20109
New MOVEit Transfer critical bug is actively exploited - MUST READ. New MOVEit Transfer critical bug is actively exploited. CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog. Critical Fortinet's FortiClient EMS flaw actively exploited in the wild. PoC ...
10 months ago Securityaffairs.com CVE-2020-3259 CVE-2023-22515 CVE-2023-40044 CVE-2023-20109 Rocke
The Persistent Danger of Remcos RAT - From initial infection to persistent control, the Remcos RAT campaign exemplifies the evolving nature of cyber threats and the need for proactive defense measures. This ecosystem is supported by a diverse array of servers that function as command and ...
1 year ago Cyberdefensemagazine.com
Over 40,000 Cisco IOS XE devices infected with backdoor using zero-day - More than 40,000 Cisco devices running the IOS XE operating system have been compromised after hackers exploited a recently disclosed maximum severity vulnerability tracked as CVE-2023-20198. There is no patch or a workaround available and the only ...
1 year ago Bleepingcomputer.com CVE-2023-20198
Cisco patches IOS XE zero-days used to hack over 50,000 devices - Cisco has addressed the two vulnerabilities that hackers exploited to compromise tens of thousands of IOS XE devices over the past week. The free software release comes after a threat actor leveraged the security issues as zero-days to compromise and ...
1 year ago Bleepingcomputer.com CVE-2023-20198
Cisco discloses new IOS XE zero-day exploited to deploy malware implant - Cisco disclosed a new high-severity zero-day today, actively exploited to deploy malicious implants on IOS XE devices compromised using the CVE-2023-20198 zero-day unveiled earlier this week. The company said it found a fix for both vulnerabilities ...
1 year ago Bleepingcomputer.com CVE-2023-20198 CVE-2023-20273 CVE-2021-1435
Number of hacked Cisco IOS XE devices plummets from 50K to hundreds - The number of Cisco IOS XE devices hacked with a malicious backdoor implant has mysteriously plummeted from over 50,000 impacted devices to only a few hundred, with researchers unsure what is causing the sharp decline. This week, Cisco warned that ...
1 year ago Bleepingcomputer.com CVE-2023-20198 CVE-2023-20273
Over 10,000 Cisco devices hacked in IOS XE zero-day attacks - Attackers have exploited a recently disclosed critical zero-day bug to compromise and infect more than 10,000 Cisco IOS XE devices with malicious implants. The list of products running Cisco IOS XE software includes enterprise switches, aggregation ...
1 year ago Bleepingcomputer.com CVE-2023-20198
What's Coming to Cisco Live Europe 2024 for the Data Center Developer? - In just a week or so, Cisco Live EMEA, 2024 will be ready to sizzle at the RAI Amsterdam. From a Cisco Cloud Networking standpoint, Cisco Nexus Dashboard, Cisco ACI, and Nexus 9000 Series switches are showing up in a big way. Read on to learn what ...
1 year ago Feedpress.me
Building Data Center Infrastructure for the AI Revolution  - This is part two of a multi-part blog series on AI. Part one, Why 2024 is the Year of AI for Networking, discussed Cisco's AI networking vision and strategy. This blog will focus on evolving data center network infrastructure for supporting AI/ML ...
1 year ago Feedpress.me
5 Tips for Pi Day Savings at the Cisco Learning Network Store - Save 25% on select training products from the Cisco Learning Network Store for 24 hours only. Two new multicloud training courses are now available in the Cisco Learning Network Store-and they're included in the Pi Day Sale. If you are an active ...
1 year ago Feedpress.me
Exploit released for critical Cisco IOS XE flaw, many hosts still hacked - Public exploit code is now available for the critical Cisco IOS XE vulnerability tracked as CVE-2023-20198 that was leveraged as a zero-day to hack tens of thousands of devices. Cisco released patches for most releases of its IOS XE software but ...
1 year ago Bleepingcomputer.com CVE-2023-20198
Cisco Adds New Security and AI Capabilities in Next Step Toward Cisco Networking Cloud Vision - PRESS RELEASE. AMSTERDAM, Feb. 6, 2024 /PRNewswire/ - CISCO LIVE EMEA - Cisco, the leader in networking and security, today introduced new capabilities and technologies across its networking portfolio that are designed to drive a more unified and ...
1 year ago Darkreading.com
Embrace the Multicloud Era with Cisco Learning and Certifications at Cisco Live Amsterdam - It's time to come together with experts and thousands of your peers to connect, learn, and advance your career with the Learning & Certifications team at Cisco Live Amsterdam, February 5-9, 2024. Let's dive into how you can make the most of your ...
1 year ago Feedpress.me
Accelerating Your Journey to the 128-bit Universe - The 2023 National Cybersecurity Strategy requires acceleration of your agency's mission to go boldly into the 128-bit address space universe with greater speed and urgency. IPv6-only is the addressing standard for the U.S. Federal Government, ...
1 year ago Feedpress.me
Award-Winning Centralized Platform Helps Unlock Value Through Simplicity - Network operators need to cater to their customers by delivering services from anywhere between 1G to 100G speeds, while having the ability to aggregate into 400G networks. With the evolution of the network and emergence of more localized and ...
1 year ago Feedpress.me
CVE-2021-41769 - A vulnerability has been identified in SIPROTEC 5 6MD85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MD86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MD89 devices (CPU variant CP300) (All versions < ...
3 years ago
Threat actors actively exploit D-Link DIR-859 router flaw - MUST READ. Threat actors actively exploit D-Link DIR-859 router flaw CVE-2024-0769. Expert released PoC exploit code for Veeam Backup Enterprise Manager flaw CVE-2024-29849. CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities ...
10 months ago Securityaffairs.com CVE-2024-0769 CVE-2024-29849 CVE-2022-38028 CVE-2024-0204 CVE-2023-49103 CVE-2023-46747 CVE-2023-46748 CVE-2023-20198 CVE-2023-4966 CVE-2023-40044 CVE-2023-38035 APT28
Threat actors actively exploit D-Link DIR-859 router flaw - MUST READ. Threat actors actively exploit D-Link DIR-859 router flaw CVE-2024-0769. Expert released PoC exploit code for Veeam Backup Enterprise Manager flaw CVE-2024-29849. CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities ...
10 months ago Securityaffairs.com CVE-2024-0769 CVE-2024-29849 CVE-2022-38028 CVE-2024-0204 CVE-2023-49103 CVE-2023-46747 CVE-2023-46748 CVE-2023-20198 CVE-2023-4966 CVE-2023-40044 CVE-2023-38035 APT28
Claroty Team82: 63% of Known Exploited Vulnerabilities Tracked by CISA Are on Healthcare Organization Networks - PRESS RELEASE. NEW YORK and ORLANDO, Fla., March 12, 2024/PRNewswire/ -Claroty, the cyber-physical systems protection company, released today at the annual HIMSS24 conference a new report that uncovered concerning data about the security of medical ...
1 year ago Darkreading.com
InfectedSlurs Botnet Spreads Mirai via Zero-Days - The payload targets routers and network video recorder devices with default admin credentials and installs Mirai variants when successful. Until November 9, 2023, the vulnerable devices being targeted were unknown. Since both the name and the version ...
1 year ago Akamai.com
Webex announces comprehensive Device Management Capabilities with Phonism integration - Webex is excited to announce a comprehensive solution for 3rd party Device Management referred to as 'Partner Managed Devices. ' Partner Managed Devices allows Webex Cloud Calling offers to support a flexible Device Management strategy. With this ...
1 year ago Feedpress.me
Patch Now: Cisco Zero-Day Under Fire From Chinese APT - Cisco has patched a command-line injection flaw in a network management platform used to manage switches in data centers, which, according to researchers from Sygnia, already has been exploited by the China-backed threat group known as Velvet Ant. ...
10 months ago Darkreading.com CVE-2024-20399
newsletter Round 473 by Pierluigi Paganini - Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days. Microsoft fixed two zero-day bugs exploited in malware attacks. HTTP/2 CONTINUATION Flood technique can be exploited in DoS attacks. BianLian group exploits ...
11 months ago Securityaffairs.com CVE-2020-3259 CVE-2023-46747 CVE-2023-46748 CVE-2023-22515 APT29 Rocke BianLian

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)