Security Bulletin

Services Specialist Core Jonathan T. wanted to join a company that supported him in the Navy Reserves and embraced his unique skillset. He found it at Cisco.

Learn how the Cisco Cloud Protection Suite protects applications, simplifies multicloud security operations, and supports business growth

Cisco Capital is thrilled to present several game-changing initiatives geared towards driving greater partner profitability, enhancing your customer engagement, and fortifying our shared commitment to sustainable technology.

Whether you call it Veterans Day, Remembrance Day or Armistice Day, November 11 is when we pause to give thanks to those who serve. At Cisco Networking Academy, we reflect on what we can do in return.

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: eSOMS Vulnerabilities: Generation of Error Message Containing Sensitive Information, Exposure of Sensitive System...

CISA released four Industrial Control Systems (ICS) advisories on November 9, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-313-01 Johnson Controls Quantum HD...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable Remotely/Low attack complexity Vendor: Johnson Controls Inc. Equipment: Quantum HD Unity Vulnerability: Active Debug Code 2. RISK EVALUATION Successful exploitation of this...

Today, CISA, the National Security Agency (NSA), and partners released Securing the Software Supply Chain: Recommended Practices for Software Bill of Materials Consumption. Developed through the Enduring Security Framework (ESF), this guidance...

Code injection techniques (T1055 from MITRE[1]) is a common technique these days. It&#x27s a nice way for an attacker to hide malicious code into a legit process. A deviation of this technique is called “Process Hollowing”[2] where code of the...

A premier Russian APT used living-off-the-land techniques in a major OT hit, raising tough questions about whether or not we can defend against the attack vector.

We need to develop our own talent, find ways to protect IP, and play the long game on AI against the Chinese and other tech adversaries – we can’t do it with EOs and more regulations.