AA11m ago

New.

Cisco has a number of listings today, three of them critical.

- CVE-2026-20184: Cisco Webex Services Certificate Validation Vulnerability https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-cui-cert-8jSZYhWL

- CVE-2026-20147-CVE-2026-20148: Cisco Identity Services Engine Remote Code Execution and Path Traversal Vulnerabilities https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rce-traversal-8bYndVrZ

- CVE-2026-20180; CVE-2026-20186: Cisco Identity Services Engine Remote Code Execution Vulnerabilities https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rce-4fverepv

More: https://sec.cloudapps.cisco.com/security/center/publicationListing.x @TalosSecurity #Cisco #infosec #vulnerability

@cR0w

Cisco Security Advisory: Cisco Webex Services Certificate Validation Vulnerability

A vulnerability in the integration of single sign-on (SSO) with Control Hub in Cisco Webex Services could have allowed an unauthenticated, remote attacker to impersonate any user within the service. This vulnerability existed because of improper certificate validation. Prior to this vulnerability being addressed, an attacker could have exploited this vulnerability by connecting to a service endpoint and supplying a crafted token. A successful exploit could have allowed the attacker to gain unauthorized access to legitimate Cisco Webex services. Cisco has addressed this vulnerability in the Cisco Webex service. However, customer action is necessary for affected organizations that are using SSO integration. There are no workarounds that address this vulnerability. To avoid service interruption, customers who are using SSO should upload a new identity provider (IdP) SAML certificate to Control Hub. For more information, see Manage single sign-on integration in Control Hub. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-cui-cert-8jSZYhWL

Cisco
Conan the Sysadmin8h ago
A network warrior, the same as a crafty bandit, must know the languages of the trading routes. Silk road, spice road, #Linux, #Windows, #Cisco... https://cromwell-intl.com/networking/commands.html?s=mc
Network Commands for Linux/UNIX, macOS, Windows, Android, and Cisco IOS

How to use TCP/IP configuration commands on Linux/UNIX, macOS, Windows, Android, and Cisco IOS

Bob's Pages of Travel, Linux, Cybersecurity, and More
138h ago
Masz już IPv6 w sieci, choć o tym nie wiesz https://sekurak.pl/masz-juz-ipv6-w-sieci-choc-o-tym-nie-wiesz/ #Wbiegu #Cisco #Ipv6 #Sieci #Szkolenie
Masz już IPv6 w sieci, choć o tym nie wiesz

Gdy pada pytanie, czy sieć firmowa obsługuje IPv6, odpowiedź większości administratorów jest krótka: „Nie wdrażaliśmy”. I, technicznie rzecz biorąc, mają rację. Nikt nie konfigurował routera brzegowego do rozgłaszania prefiksu IPv6. Nikt nie stawiał serwera DHCPv6. Nie ma żadnej polityki adresowania w tej przestrzeni. Problem w tym, że IPv6 nie czeka...

Sekurak
sekurak News8h ago

Masz już IPv6 w sieci, choć o tym nie wiesz

Gdy pada pytanie, czy sieć firmowa obsługuje IPv6, odpowiedź większości administratorów jest krótka: „Nie wdrażaliśmy”. I, technicznie rzecz biorąc, mają rację. Nikt nie konfigurował routera brzegowego do rozgłaszania prefiksu IPv6. Nikt nie stawiał serwera DHCPv6. Nie ma żadnej polityki adresowania w tej przestrzeni. Problem w tym, że IPv6 nie czeka...

#WBiegu #Cisco #Ipv6 #Sieci #Szkolenie

https://sekurak.pl/masz-juz-ipv6-w-sieci-choc-o-tym-nie-wiesz/

Masz już IPv6 w sieci, choć o tym nie wiesz

Gdy pada pytanie, czy sieć firmowa obsługuje IPv6, odpowiedź większości administratorów jest krótka: „Nie wdrażaliśmy”. I, technicznie rzecz biorąc, mają rację. Nikt nie konfigurował routera brzegowego do rozgłaszania prefiksu IPv6. Nikt nie stawiał serwera DHCPv6. Nie ma żadnej polityki adresowania w tej przestrzeni. Problem w tym, że IPv6 nie czeka...

Sekurak
OTX Bot1d ago

March 2026 CVE Landscape: 31 High-Impact Vulnerabilities Identified, Interlock Ransomware Group Exploits Cisco FMC Zero-Day

In March 2026, 31 high-impact vulnerabilities were identified requiring prioritization for remediation, with 29 receiving Very Critical Risk Scores. Affected vendors included Cisco, Microsoft, Google, ConnectWise, and others, with Microsoft and Apple accounting for approximately 32% of vulnerabilities. Notably, the Interlock Ransomware Group exploited CVE-2026-20131, a zero-day deserialization vulnerability in Cisco Secure Firewall Management Center, as early as January 2026 to compromise enterprise networks. The group deployed custom remote access trojans and facilitated ransomware operations through crafted HTTP requests executing arbitrary Java code as root. Additional campaigns involved the DarkSword iOS exploit kit delivering GHOSTKNIFE, GHOSTSABER, and GHOSTBLADE payloads, and the Coruna exploit kit deploying PlasmaLoader malware. Nine vulnerabilities enabled remote code execution across multiple platforms. One vulnerability dated back nine years, emphasizing continued exploitation of legacy unpatched

Pulse ID: 69de0077cbff2dc8d99b17ff
Pulse Link: https://otx.alienvault.com/pulse/69de0077cbff2dc8d99b17ff
Pulse Author: AlienVault
Created: 2026-04-14 08:53:11

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Cisco #ConnectWise #CyberSecurity #Google #HTTP #InfoSec #Java #Malware #Microsoft #OTX #OpenThreatExchange #RAT #RansomWare #RemoteAccessTrojan #RemoteCodeExecution #Trojan #Vulnerability #Word #ZeroDay #bot #iOS #AlienVault

LevelBlue - Open Threat Exchange

Learn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

LevelBlue Open Threat Exchange
David Bombal1d ago

Pass your Cisco CCNA with David

#CCNA #Devnet #Cisco #CCNP

El Mundo1d ago

Implementar IA sin control puede salir caro

Implementar IA sin control puede salir caro
San José, 13 abr (elmundo.cr) – En Costa Rica, la adopción de inteligencia artificial ya es una realidad en el sector empresarial. Según el estudio Caracterización del Sector TIC’s Costa Rica 2025 de PROCOMER, el 76% de las empresas tecnológicas en el país ya utiliza herramientas de IA generativa o agentes digitales para apoy [...]

#CienciaYTecnología #Cisco #Empresas #IA #ZeroTrust

https://elmundo.cr/cienciaytecnologia/implementar-ia-sin-control-puede-salir-caro/

Implementar IA sin control puede salir caro

Implementar IA sin control puede salir caro Ciencia y Tecnología - El Mundo CR

El Mundo CR
Beth Pariseau2d ago

#Cisco ’s #Splunk will fold #Galileo in with its #ITops products, but #AI apps and #observability introduce a new layer of management that's up for grabs in enterprises.

See what industry experts and practitioners have to say about this organizational conundrum here --> https://www.techtarget.com/searchitoperations/news/366641600/Cisco-Galileo-buy-reflects-blurring-lines-in-AI-observability

Cisco Galileo buy reflects blurring lines in AI observability

Cisco’s Splunk folds Galileo in with its IT ops products, but AI apps and observability introduce a new layer of management that's up for grabs in enterprises. 

TechTarget
Crucial Exams2d ago
🎉 This week's Crucial Exams Leaderboard is live! This week's winners are studying for #CompTIA #Microsoft #Cisco exams!
David Bombal2d ago

Pass your Cisco CCNA with David

#CCNA #Devnet #Cisco #CCNP