Cisco has fixed a vulnerability in its WebEx extension for Chrome that allowed for remote code execution on computers running the plugin.

Cisco is warning customers of a privilege escalation flaw in Cisco CloudCenter Orchestrator systems that could allow an attacker to gain root privileges on affected systems.

Researchers said they observed three separate spam campaigns pushing an updated version of Locky on Monday.

Cisco has issued an advisory warning its customers that products running its IOS software are vulnerable to attacks disclosed by the ShadowBrokers

Cisco warned customers of 12 vulnerabilities across its product line this week, including a critical vulnerability in the software that powers its conferencing product, WebEx Meetings Server. The company stressed on Wednesday that version 2.6 of its WebEx Meetings Server is vulnerable to a remote command execution vulnerability. If exploited, the bug could enable an attacker to...

After a summer of high-profile attacks and disclosures centered around enterprise network infrastructure, the Department of Homeland Security on Tuesday put out an alert explaining some of the tactics used by advanced attackers, and urged special caution in maintaining supply chain integrity. The warning to network operators, in particular aimed at those managing Cisco gear, comes...

Mike Mimoso and Chris Brook discuss the news of the week, including the latest on ShadowBrokers and Cisco, the Sweet32 collision attack, decryptors for the Wildfire ransomware, and this week’s gaming forum breaches. Download: Threatpost_News_Wrap_August_26_2016.mp3 Music by Chris Gonsalves

Cisco today began the process of patching a zero-day vulnerability in its Adaptive Security Appliance (ASA) software exposed in the ShadowBrokers data dump. Users on affected versions of ASA, 7.2, and 8.0 through 8.7, are urged to migrate soon to 9.1.7(9) or later. Newer versions that are also implicated—9.1 through 9.6—are expected to be updated...

Exploits against enterprise-grade Cisco firewalls dumped by the ShadowBrokers have quickly—and apparently without a lot of strenuous effort—been upgraded to attack more current versions of ASA. Researchers at Silent Signal in Hungary yesterday tweeted they had ported the EXTRABACON attack to ASA version 9.2(4), which was released a year ago. We successfully ported EXTRABACON to...

Juniper Networks on Friday acknowledged that exploits contained in the ShadowBrokers data dump do indeed target its products. “As part of our analysis of these files, we identified an attack against NetScreen devices running ScreenOS,” said Derrick Scholl, director of security incident response at Juniper. “We are examining the extent of the attack, but initial analysis...