For providers

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Security misconfiguration jumped to second place while injection vulnerabilities dropped, as organizations improve defenses against traditional coding flaws.

Explore. Connect. Get inspired. Learn with Cisco.

GlassWorm, a self-propagating VS Code malware first found in the Open VSX marketplace, continues to infect developer devices around the world.

Discover Cisco’s Industrial Insider Webinar Series—30-minute sessions designed to deliver expert insights, practical solutions, and the latest innovations in Industrial IoT, helping you to elevate and secure your industrial operations with ease.

Discover how Cisco Networking Academy is accelerating digital transformation across Latin America through innovative partnerships, hands-on training, and groundbreaking initiatives in AI and… Read more on Cisco Blogs

Today, I noticed scans using the username "FTP_3cx" showing up in our logs. 3CX is a well-known maker of business phone system software [1]. My first guess was that this was a default user for one of their systems. But Google came up empty for this particular string. The 3CX software does not appear to run an FTP server, but it offers a feature to back up configurations to an FTP server [2]. The example user used in the documentation is "3cxftpuser", not "FTP_3cx". Additionally, the documentation notes that the FTP server can run on a different system from the 3CX software. For a backup, it would not make much sense to have it all run on the same system.

Attackers compromise hospitality providers with an infostealer and RAT malware and then use stolen data to launch phishing attacks against customers via both email and WhatsApp.

At Cisco, our military veteran team members, along with military spouses and those serving in the reserves, strengthen our workforce through their leadership, discipline, adaptability, and a commitment to excellence.