Sophisticated DarkTortilla Malware Serves Imposter Cisco, Grammarly Pages
Security researchers have identified two phishing threats impersonating Cisco and Grammarly. Both phishing operations consist of illegitimate webpages directing users to malware known to researchers as DarkTortilla. The .NET based malware can be configured to deliver various payloads and is known for its several functions that render it extremely stealthy
Cisco Confirms Network Breach Via Hacked Employee Google Account
Cisco Systems has confirmed that it suffered from a network breach after attackers were able to gain access to an employee’s VPN client via a compromised Google account. The network giant released a statement on Wednesday addressing the security incident. The attack occurred in May and was perpetrated by the

John Chambers on Risk and Opportunity in the Modern Age
John Chambers is the legendary former CEO of Cisco, a company he helped grow from $70 million in revenue per year when he joined in 1991 to $1.2 billion a year the year he became CEO to over $48 billion a year by the time he retired in 2015. As a leader John was always known for far more than just revenue growth, he was skilled at building an organization that treated people well, including employees, customers and the community.
In this OODAcast we discuss John’s book, Connecting The Dots, which shares his insights into leadership including leadership of organizations that need to disrupt themselves. The lessons of this book can help those at any stage of a career improve in their ability to lead innovative companies.
Cisco Issues Critical Fixes for High-End Nexus Gear
Cisco Systems recently released six security patches linked to its 9000 series networking gear. The patches range in severity from critical to medium. The most serious of the bugs patched by Cisco ranked 9.1 on the CVSS scale and could allow for a remote and unauthenticated adversary to read or
Critical Cisco Bug in VPN Routers Allows Remote Takeover
Security researchers warned that a vulnerability that lies in a subset of Cisco Systems’ VPN routers typically used by small businesses could allow for remote and unauthenticated attackers to take control of a device. According to researchers, there are at least 8,800 systems that are vulnerable due to the security
Cisco Patches Code Execution Flaw in VPN Product 6 Months After Disclosure
Earlier this week, Cisco announced that it had released patches for a high-severity vulnerability that lies in its AnyConnect Secure Mobility Client that can be exploited for remote code execution. The flaw was initially disclosed in November of 2020, and it has taken roughly six months for the company to
Critical Cisco SD-WAN, HyperFlex Bugs Threaten Corporate Networks
Cisco has rolled out patches addressing severe vulnerabilities that could be exploited to perform remote code execution and privilege escalation. The flaws lie in the SD-WAN vManage Software. The bugs could allow an unauthenticated attacker to steal information from vulnerable networks. Cisco also disclosed a denial-of-service issue in the same
Linux kernel vulnerability exposes stack memory, causes data leaks
Cisco Talos has disclosed an information disclosure vulnerability in the Linux kernel that can lead to further compromise. According to a statement released by Cisco on Tuesday, the bug could allow an attacker to view Kernel stack memory, acting as a springboard to inflict further damage to a system and
Zero-Day Bug Impacts Problem-Plagued Cisco SOHO Routers
Cisco has stated that it does not plan to patch three different small business router models and one VPN firewall device, despite critical vulnerabilities found in each. The SOHO router models contain a bug that is rated 9.8/10 in severity, and could allow unauthenticated remote users to attack targeted equipment
Cisco Warns of Critical Auth-Bypass Security Flaw
Cisco has allegedly fixed a critical security flaw affecting its Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches. The vulnerability could allow for a remote attacker to bypass authentication, according to the company. The bug is one of three critical flaws patched by Cisco this past week. The