Cisco says Chinese hackers are exploiting its customers with a new zero-day
TL;DR
Cisco warns that Chinese hackers are exploiting a critical zero-day vulnerability in its Secure Email Gateway and related products, allowing full device takeover with no patch available yet.
Source: TechCrunch
Cisco announced hackers are exploiting a critical vulnerability in some of its most popular products that allows the full takeover of affected devices and there are no patches available at this time. In a security advisory, Cisco said it discovered a hacking campaign on Dec. 10 targeting Cisco AsyncOS software, and in particular the physical and virtual appliances Cisco Secure Email Gateway, Cisco Secure Email, and Web Manager. The affected devices have a feature called “Spam Quarantine” enabled and are reachable from the internet. A researcher told TechCrunch that this appears to be a particularly problematic hacking campaign since a lot of big organizations use the affected products, and it’s unclear how long the hackers had backdoors in the affected systems. Cisco Talos, the company’s threat intelligence research team, says the campaign is linked to Chinese hackers. Full Story