Russian Hackers Exploit 7-Year-Old Cisco Flaw to Steal Industrial System Configs

Threat Score:

GB Hackers

10 hours ago

Part of cluster #2083

Overview

Russian Hackers Exploit 7-Year-Old Cisco Flaw to Steal Industrial System Configs Static Tundra, a Russian state- threat actor connected to the FSB’s Center 16 unit, has been responsible for a sustained cyber espionage effort, according to information released by Cisco Talos. Operating for over a decade, this group specializes in compromising network devices to facilitate long-term intelligence gathering, with a focus on extracting configuration data from unpatched and end-of-life Cisco IOS syste...

Continue Reading on Original Site

5 articles

Apple addressed the seventh actively exploited zero-day

Security Affairs • 6 hours ago

Apple addressed a vulnerability impacting iOS, iPadOS, and macOS that it is under active exploitation in the wild. Apple addressed an actively exploited zero-day, tracked as CVE-2025-43300, in iOS, iPadOS, and macOS. The vulnerability is zero-day out-of-bounds write issue that resides in the ImageIO framework, an attacker could exploit it to cause memory corruption when processing […]

Score

Hackers Weaponize QR Codes With Malicious Links to Steal Sensitive Data

GB Hackers • 3 hours ago

Hackers Weaponize QR Codes With Malicious Links to Steal Sensitive Data Quishing, a powerful form of phishing that uses malicious hyperlinks contained in QR codes to expose user credentials and sensitive data, has surfaced in the ever-changing field of cybersecurity threats. Unlike traditional phishing, which relies on clickable links or deceptive emails, quishing exploits the inherent opacity of QR codes, which are unreadable to the human eye and thus evade immediate suspicion. Attackers favor

Score

Warlock Ransomware Exploits SharePoint Flaws for Initial Access and Credential Theft

GB Hackers • 5 hours ago

Warlock Ransomware Exploits SharePoint Flaws for Initial Access and Credential Theft The Warlock ransomware group has intensified its operations by targeting unpatched on-premises Microsoft SharePoint servers, leveraging critical vulnerabilities to achieve remote code execution and initial network access. This campaign, observed in mid-2025, involves sending crafted HTTP POST requests to upload web shells, facilitating reconnaissance,privilege escalation, and credential theft. Initial Exploitati

Score

What MSSPs Can Learn From Healthcare Cybersecurity Risks

MSSP Alert • 6 hours ago

MSPs are well-positioned to empower healthcare organizations to address long-standing cybersecurity challenges.

Score

House lawmakers take aim at education requirements for federal cyber jobs

CyberScoop • 2 hours ago

The bipartisan Cybersecurity Hiring Modernization Act would give the edge to skills-based hiring for cyber jobs at federal agencies.

Score

CVES

CVE-2018-0171

ATTACK TYPES

Cyber Espionage

Network Compromise

Network Device Compromise

Remote Code Execution

INDUSTRIES

Critical Infrastructure

Education

Manufacturing

Telecommunications

COUNTRIES

Russia

Ukraine

United States

VULNERABILITIES

DDoS

Denial of Service

DoS

Remote Code Execution

COMPANIES

AMD

Adobe

Amazon

Apple

Cisco

AGENCIES

FBI

FSB

SECURITY VENDORS

Cisco Talos

Cloudflare

PLATFORMS

AWS

Android

Apache

Azure

Cisco IOS

APT GROUPS

Berserk Bear

Dragonfly

ENERGETIC BEAR

Static Tundra

RANSOMWARE

AnDROid

First

Kali

Trojan

MALWARE

Dark

SYNful Knock

MITRE ATT&CK

T1046

T1059

T1070.001

T1071

T1071.001

ARTICLE INFORMATION

Article #13048

Published 10 hours ago

GB Hackers

THREAT HUNTING

THREAT INTELLIGENCE

BUSINESS INTELLIGENCE

Save to Folder

Article Intelligence

THREAT HUNTING

THREAT INTELLIGENCE

BUSINESS INTELLIGENCE

Overview

Related Articles

Apple addressed the seventh actively exploited zero-day

Hackers Weaponize QR Codes With Malicious Links to Steal Sensitive Data

Warlock Ransomware Exploits SharePoint Flaws for Initial Access and Credential Theft

What MSSPs Can Learn From Healthcare Cybersecurity Risks

House lawmakers take aim at education requirements for federal cyber jobs

Save to Folder

Article Intelligence

We use cookies

Cookie Settings

Essential Cookies

Analytics Cookies

Performance Cookies

Marketing Cookies