Global Scans · Cisco Systems · Weekly Summary

• Cisco has recently provided a series of key security upgrades aimed at correcting a notable vulnerability inside its Cisco Emergency Responder (CER) in an earnest effort to enhance the security of essential systems. Security Boulevard
• Cisco has released patches to fix a critical security flaw (CVE-2024 - 20253) in its Unified Communications and Contact Center Solutions products, which could allow remote attackers to execute arbitrary code on affected devices. Cyber Fusion Center | Threat Intelligence Solution Comp
• The Cisco Security Cloud enables customers to abstract security controls from multicloud infrastructure to provide advanced protection against emerging threats across any cloud, application or workload. MarketScreener
• The Cisco Security Cloud allows customers to abstract security controls from multicloud infrastructure to provide advanced protection against emerging threats across any cloud, application or workload. ChannelVision Magazine
• On-premises workloads are ripe for AI injection and incumbents like Cisco, IBM, Dell Technologies and HPE are eyeing opportunities and aggressively investing. Wikibon Research
• Cisco's intent to acquire SamKnows, a privately held broadband network monitoring company headquartered in London, England, will expand ThousandEyes' industry-leading view of global internet health. Cisco Systems
• A vulnerability (CVE-2023 - 20269) in Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defence firewalls is being exploited by attackers to gain access to vulnerable internet-exposed devices. Help Net Security
• Cisco will demonstrate its latest security technologies, including Secure Connectivity with SASE, Zero Trust with Duo, Cisco Multicloud Defence, Extended Detection and Response, Network Security and Cisco Security Services. Zawya
• Now the Cisco Security Cloud will be able to use a generative AI-enabled Policy Assistant that enables Security and IT administrators to describe granular security policies and assess how to best implement them throughout different aspects of their security infrastructure. Futurum Research
• Cisco is investing in cutting-edge innovations in artificial intelligence and machine learning that will augment security staff by simplifying operations and increasing efficacy. Cisco
• Cisco will provide the ability to embed AT&T wireless connectivity into Cisco devices enabling zero touch provisioning for Cisco and AT&T customers, through AT&T Control Center powered by Cisco. AT&T
• Cisco's advisory to deactivate the HTTP server feature on systems, accessible via the Internet, is not just a best practice but also echoes the advisory guidelines previously provided by the U.S. government, emphasizing the risks associated with publicly accessible management interfaces. eSentire
• Cisco is asking customers to immediately disable the HTTPS Server feature on all of their Internet-facing IOS XE devices to protect against a critical zero-day vulnerability in the Web User Interface of the operating system that an attacker is actively exploiting. Dark Reading
• Cisco warned admins today of a new maximum severity authentication bypass zero-day in its IOS XE software that lets unauthenticated attackers gain full administrator privileges and take complete control of affected routers and switches remotely. BleepingComputer
• Announced today at Cisco LIVE 2023, Cisco's Cloud Native Application Security solution, Panoptica, will now provide end-to-end lifecycle protection for cloud native application environments, from development to deployment to production. Cisco
• Cisco has issued a security advisory about a vulnerability in its Emergency Responder software that would allow an unauthenticated remote attacker to log in to an affected device using the root account. The Register
• A vulnerability affecting Cisco operating systems could enable attackers to take full control of affected devices, execute arbitrary code, and cause reloads that trigger denial of service conditions. Dark Reading
• Later this year, new tvOS apps from Webex by Cisco and Zoom will take advantage of Continuity Camera and expand their communications capabilities to Apple TV 4 K. Apple Newsroom
• Cisco's surprise agreement could reshape secure information and event management and extended detection and response markets. Dark Reading
• A vulnerability in the ERS API of Cisco ISE could allow an authenticated, remote attacker to read arbitrary files on the underlying operating system of an affected device. Cybersecurity and Infrastructure Security Agency CISA
• With Cisco XDR, SOC teams can leverage a range of pre-built and customizable orchestration workbooks to help shut down threats and mitigate risk with just a few clicks. Cisco
• By leveraging AI and machine learning, Cisco XDR enables high-fidelity correlated detection, reduces clutter, and effectively aligns security risk with business risk. Cisco
• A critical security vulnerability in Cisco's SD-WAN vManage software could allow a remote, unauthenticated attacker to gain read and limited write permissions, and access data. Dark Reading

Last updated: 11 February 2024