Cisco Unity Connection Vulnerability Enables Root Access

Cisco patched a critical Unity Connection security flaw that can let unauthenticated attackers remotely gain root privileges on unpatched devices.

Cisco has recently addressed a significant security vulnerabilit in its Unity Connection softwarey, identified as CVE-2024-20272. This flaw poses a critical risk as it allows unauthenticated attackers to gain root privileges on affected systems. The update is already available and is recommended for installation as soon as possible. Vulnerability in Cisco Unity Connection Allows for… Continue reading Cisco Unity Connection Vulnerability Enables Root Access

Logs of Internal Chats of the Russian Hacker Group Yanluowang Leaked to the Network

Information security experts report a hack of the Yanluowang hacker group, which compromised Cisco this summer. According to experts, internal chats of the group leaked to the network, showing that Yanluowang consists of Russian-speaking members. KELA analysts write that the latest leak contains hack group chats dated January-September 2022, all communication in which took place… Continue reading Logs of Internal Chats of the Russian Hacker Group Yanluowang Leaked to the Network

Ransomware publishes data stolen from Cisco

The Yanluowang hack group published data stolen from Cisco back in May 2022. Cisco representatives acknowledged that the data leak took place, but still insist that the incident did not affect the company’s business in any way. Let me remind you that last month, Cisco representatives confirmed that back in May, the company’s corporate network… Continue reading Ransomware publishes data stolen from Cisco

Cisco Hack Is Linked to Russian-Speaking Hackers from Evil Corp

Experts from eSentire established that the infrastructure used to hack Cisco in May 2022 was exploited to compromise an unnamed HR solutions company a month earlier. Researchers believe that malicious actors associated with Evil Corp. are behind these incidents. Let me remind you that we also said that Cisco Won’t Fix an RCE Vulnerability in… Continue reading Cisco Hack Is Linked to Russian-Speaking Hackers from Evil Corp

Cisco Won’t Fix an RCE Vulnerability in Old RV Routers

A 9.8/10 RCE Vulnerability in Old Cisco RV Routers Will Not Be Patched Cisco will not patch the zero-day CVE-2022-20825 vulnerability on end-of-life devices. The affected devices are Small Business RV routers (mobile routers for recreational vehicles and boats.) The specific vulnerable models are RV110W Wireless-N VPN Firewall, RV130 VPN Router, RV130W Wireless-N Multifunction VPN… Continue reading Cisco Won’t Fix an RCE Vulnerability in Old RV Routers

Microsoft Says Over 1,000 Developers Worked on SolarWinds Attack

In an interview with CBSNews, Microsoft President Brad Smith said the recent attack on SolarWinds was “the largest and most sophisticated he has ever seen.” According to him, the analysis of the hack carried out by the company’s specialists suggests that more than 1,000 developers worked on this attack. At the same time, Smith says… Continue reading Microsoft Says Over 1,000 Developers Worked on SolarWinds Attack

Experts discovered SolarLeaks website with data stolen in a recent massive hacker attack

Bleeping Computer reports the discovery of the SolarLeaks website (solarleaks[.]net), where unidentified individuals claim to be selling data allegedly stolen from SolarWinds, Microsoft, Cisco, and FireEye during a recent supply chain attack. Just to recap, in December 2020, it was revealed that unknown hackers attacked SolarWinds, infecting its Orion platform with malware. Out of the… Continue reading Experts discovered SolarLeaks website with data stolen in a recent massive hacker attack

Microsoft says SolarWinds hackers hunted for access to cloud resources

Microsoft continues to investigate the supply chain attack that SolarWinds and its customers have suffered this year. Microsoft analysts reported that SolarWinds hackers were hunting for access to cloud resources. Let me remind you that unknown hackers attacked SolarWinds and infected its Orion platform with malware. Among the victims were such giants as Microsoft, Cisco,… Continue reading Microsoft says SolarWinds hackers hunted for access to cloud resources