#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

cisco IOS Software | Breaking Cybersecurity News | The Hacker News

Here's how hackers are targeting Cisco Network Switches in Russia and Iran

Here's how hackers are targeting Cisco Network Switches in Russia and Iran

Apr 09, 2018
Since last week, a new hacking group, calling itself ' JHT ,' hijacked a significant number of Cisco devices belonging to organizations in Russia and Iran, and left a message that reads—" Do not mess with our elections " with an American flag (in ASCII art). MJ Azari Jahromi, Iranian Communication and Information Technology Minister, said the campaign impacted approximately 3,500 network switches in Iran, though a majority of them were already restored. The hacking group is reportedly targeting vulnerable installations of Cisco Smart Install Client, a legacy plug-and-play utility designed to help administrators configure and deploy Cisco equipments remotely, which is enabled by default on Cisco IOS and IOS XE switches and runs over TCP port 4786. Some researchers believe the attack involves a recently disclosed remote code execution vulnerability ( CVE-2018-0171 ) in Cisco Smart Install Client that could allow attackers to take full control of the network
Disable TELNET! Cisco finds 0-Day in CIA Dump affecting over 300 Network Switch Models

Disable TELNET! Cisco finds 0-Day in CIA Dump affecting over 300 Network Switch Models

Mar 20, 2017
Cisco is warning of a new critical zero-day IOS / IOS XE vulnerability that affects more than 300 of its switch models. The company identified this highest level of vulnerability in its product while analyzing " Vault 7 " — a roughly 8,761 documents and files leaked by Wikileaks last week, claiming to detail hacking tools and tactics of the Central Intelligence Agency (CIA). The vulnerability resides in the Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software. If exploited, the flaw ( CVE-2017-3881 ) could allow an unauthenticated, remote attacker to cause a reboot of an affected device or remotely execute malicious code on the device with elevated privileges to take full control of the device, Cisco says in its  advisory . The CMP protocol has been designed to pass around information about switch clusters between cluster members using Telnet or SSH. The vulnerability is in the default configuration of affected Cisco devices,
Cybersecurity Tactics FinServ Institutions Can Bank On in 2024

Cybersecurity Tactics FinServ Institutions Can Bank On in 2024

Feb 14, 2024Financial Security / Cyber Threats
The landscape of cybersecurity in financial services is undergoing a rapid transformation. Cybercriminals are exploiting advanced technologies and methodologies, making traditional security measures obsolete. The challenges are compounded for community banks that must safeguard sensitive financial data against the same level of sophisticated threats as larger institutions, but often with more limited resources. The FinServ Threat Landscape Recent trends show an alarming increase in sophisticated cyber-attacks. Cybercriminals now deploy advanced techniques like deep fake technology and AI-powered attacks, making it increasingly difficult for banks to differentiate between legitimate and malicious activities. These developments necessitate a shift towards more sophisticated and adaptive cybersecurity measures. Take these industry statistics, for example. Financial firms report 703 cyberattack attempts per week.1 On average, 270 attacks (entailing unauthorized access of data, appl
Cybersecurity Resources