Chinese Velvet Ant Group Exploits Zero-Day Bug Patched by Cisco

A recent report has shown that Chinese state-backed hackers took advantage of a zero-day vulnerability in Cisco Nexus switches that had just been patched. Cisco released a fix for CVE-2024-20399, a flaw in the Cisco NX-OS software’s command-line interface that could allow a local attacker to run arbitrary commands as root with administrator privileges. The …

Chinese-linked advanced persistent threat group utilized a vulnerability in Cisco NX-OS to distribute customized malware

A China-linked group, Velvet Ant, exploited a zero-day vulnerability in Cisco NX-OS software, leading to the deployment of custom malware on vulnerable switches. The flaw, identified as CVE-2024-20399 with a CVSS score of 6.0, allowed attackers to execute arbitrary commands as root within the operating system of affected devices. Only attackers with administrator credentials could …

Exploiting Vulnerabilities in Cisco NX-OS Software (AL-077)

Cisco has recently released security updates to address a critical vulnerability (CVE-2024-20399) in its Cisco NX-OS software. This vulnerability is actively being exploited and could allow an authenticated local attacker with administrator credentials to run arbitrary commands with root privileges on the underlying operating system. The affected Cisco switches include MDS 9000 Series Multilayer Switches, …

Chinese hackers are using vulnerability in Cisco switches to distribute malware

A cyber espionage group known as Velvet Ant, believed to have ties to China, has been observed exploiting a zero-day vulnerability in Cisco NX-OS software used in switches to distribute malware. The vulnerability, tracked as CVE-2024-20399, allows an authenticated, local attacker to execute arbitrary commands as root on the affected device. By exploiting this flaw, …

Active Attack Targeting Cisco NX-OS Zero-Day Command Injection Vulnerability

A critical vulnerability has been identified in the command line interface (CLI) of Cisco NX operating system, allowing attackers to execute arbitrary commands as root on affected devices. This zero-day flaw, known as CVE-2024-20399, poses a significant threat to network security, especially for organizations using Cisco Nexus and MDS series switches. The vulnerability stems from …

MarketWatch reports Cisco Systems Inc. stock seeing Monday gains, but continues to lag behind the market.

Cisco Systems Inc. shares experienced a slight increase on Monday, although they continue to underperform compared to the overall market. Cisco Systems Inc. is a global technology company known for its networking hardware, software, and telecommunications equipment. Despite the rise in shares, investors may be hesitant due to the company’s ongoing struggles in meeting market …

Chinese hackers exploit Cisco NX-OS vulnerability

Cybersecurity researchers have identified a Chinese cyberespionage campaign targeting a vulnerability in Cisco’s NX-OS software. The threat group Velvet Ant was found deploying malware on Cisco Nexus switches. Sygnia, a cybersecurity firm, discovered the vulnerability and alerted Cisco, who then released updates to address it. The exploit allows attackers to execute arbitrary commands on the …

Chinese hackers known as the ‘Silk Ants’ captured exploiting a new zero-day vulnerability in Cisco devices

A recent zero-day vulnerability was exploited by Chinese state-sponsored hackers in April on Cisco devices, as revealed by Cisco and Sygnia Advisories. The vulnerability, known as CVE-2024-20399, affects Cisco NX-OS software used in Nexus series switches for networking. The hackers, known as the Velvet Ant group, were able to gain access to Cisco Nexus switches …

Cisco integrates OT security into industrial switches and routers – SDxCentral

Cisco has recently incorporated operational technology (OT) security features into their industrial switches and routers. This move is designed to enhance the cybersecurity protections for critical infrastructure and industrial networks. By embedding OT security directly into these networking devices, Cisco aims to provide comprehensive protection against cyber threats for customers in sectors such as manufacturing, …

Enhancing Security with Duo Two-Factor Authentication for Cisco Firepower Threat Defense (FTD) VPN and Secure Client

The Duo integration with Cisco Firepower Threat Defense (FTD) SSL VPN allows for two-factor authentication on AnyConnect or Secure Client VPN logins. Duo MFA for FTD supports push, phone call, or passcode authentication for SSL encrypted VPN connections, but does not include the interactive Duo Prompt for web-based logins. These instructions explain the process of …