Cisco has confirmed a breach of its network, the Yanluowang ransomware group breached its corporate network in late May 2022 and that the actor tried to extort them under the threat of leaking stolen files online, where the attacker used voice phishing to convince an employee to accept a malicious multifactor authentication (MFA) push.
The breach resulted in cyberattackers gaining access to the company's virtual private network (VPN) and the theft of an unspecified number of files from its network. However, Cisco took immediate measures, to contain and eradicate the bad actors.
Cisco did not identify any impact to our business as a result of this incident, including Cisco products or services, sensitive customer data or sensitive employee information, intellectual property, or supply chain operations. On August 10 the bad actors published a list of files from this security incident to the dark web. We have also implemented additional measures to enhance the security our systems and are sharing technical details to help protect the wider security community.
Cisco on Wednesday released patches to contain multiple flaws in its software that could be abused to leak sensitive information on susceptible appliances. The issue, assigned the identifier CVE-2022-20866 (CVSS score: 7.4), has been described as a "logic error" when handling RSA keys on devices running Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software.
Every cybersecurity incident is an opportunity to learn, strengthen our resilience, and help the wider security community. Cisco has updated its security products with intelligence gained from observing the bad actor’s techniques, shared Indicators of Compromise (IOCs) with other parties, reached out to law enforcement and other partners, and is sharing further technical details via a Talos blog to help cyber defenders learn from our observations.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.