Cisco IOS XE Zero-Day: Network Supply Chain Vulnerabilities Underscore Lack of Threat Detection

Oct. 19, 2023, 6:10 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

40,000 devices compromised and counting: That’s what we’re facing with the zero-day vulnerability in Cisco’s IOS XE software used in its routers, switches, and access points, both physical and virtual.

This is still a developing story, but here are the important points:

What to know

The current activity is likely coming from a single threat actor, with the first observed threat activity on September 28.

Cisco announced a zero-day vulnerability on October 16 (CVE-2023-20198) with no patch available as of …

access access points cisco cisco ios cisco ios xe compromised current detection devices facing important ios ios xe network physical points routers software story supply supply chain switches threat threat detection virtual vulnerabilities vulnerability zero-day zero-day vulnerability

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Change Healthcare hasn't given VA details on hack-impacted veterans, top lawmaker says 12 hours ago | malware.news

change change healthcare hack healthcare +4

Two years in, Google says passkeys now protect more than 400 million accounts 12 hours ago | malware.news

account accounts article google +7

CVE-2024-2887: A Pwn2Own Winning Bug in Google Chrome 12 hours ago | malware.news

blog browsers bug chrome +19

How to Talk to The Board About Exposure 12 hours ago | malware.news

topic

Pro-Russia hackers target OT weaknesses in critical infrastructure 13 hours ago | malware.news

american article breaches critical +21

Watch out for tech support scams lurking in sponsored search results 13 hours ago | malware.news

blog blog post campaign home +12

Threat Intelligence Snapshot: Week 18, 2024 13 hours ago | malware.news

access amp april find +13

CISA: Immediate GitLab account takeover flaw remediation crucial amid attacks 13 hours ago | malware.news

account account takeover agency article +30

Increased stealth introduced in updated Zloader malware 13 hours ago | malware.news

analysis anti-analysis article banking +18

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote

View on infosec-jobs.com

Cloud Security Analyst

@ Cloud Peritus | Bengaluru, India

View on infosec-jobs.com

Cyber Program Manager - CISO- United States – Remote

@ Stanley Black & Decker | Towson MD USA - 701 E Joppa Rd Bg 700

View on infosec-jobs.com

Network Security Engineer (AEGIS)

@ Peraton | Virginia Beach, VA, United States

View on infosec-jobs.com

SC2022-002065 Cyber Security Incident Responder (NS) - MON 13 May

@ EMW, Inc. | Mons, Wallonia, Belgium

View on infosec-jobs.com

Information Systems Security Engineer

@ Booz Allen Hamilton | USA, GA, Warner Robins (300 Park Pl Dr)

View on infosec-jobs.com

View more jobs

all InfoSec news

Cisco IOS XE Zero-Day: Network Supply Chain Vulnerabilities Underscore Lack of Threat Detection

What to know

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Jobs in InfoSec / Cybersecurity

Social Engineer For Reverse Engineering Exploit Study

Cloud Security Analyst

Cyber Program Manager - CISO- United States – Remote

Network Security Engineer (AEGIS)

SC2022-002065 Cyber Security Incident Responder (NS) - MON 13 May

Information Systems Security Engineer