Join our subscribers
Cisco reveals cyberattack on its corporate network
Friday, August 12, 2022
A tweet posted by threat intelligence provider Cyberknow included a screenshot of the leak site of the Yanluowang ransomware group showing Cisco as its latest victim. The Cisco Talos notice displayed a screenshot of an email received by Cisco from the attackers. Threatening Cisco that “no one will know about the incident and information leakage if you pay us,” the email shows a directory of some of the files breached in the attack.
Why security companies are becoming targets
Cybersecurity and technology vendors are increasingly being targeted by cybercriminals. And the attacks are being conducted for several reasons, according to ImmuniWeb Founder and Cybersecurity Expert Ilia Kolochenko.
“First, vendors usually have privileged access to their enterprise and government customers and thus can open doors to invisible and super-efficient supply-chain attacks,” Kolochenko said. “Second, vendors frequently have invaluable cyber threat intelligence.”
In search of useful threat intelligence, attackers conduct surveillance to determine the status of investigations by private vendors and potential police raids by law enforcement, Kolochenko explained.
“Third, some vendors are a highly attractive target because they possess the most recent DFIR (Digital Forensics and Incident Response) tools and techniques used to detect intrusions and uncover cybercriminals, whilst some other vendors may have exploits for zero-day vulnerabilities or even source code of sophisticated spyware, which can later be used against new victims or sold on the Dark Web,” Kolochenko added. Read Full Article
ComputerWeekly: Cisco averts cyber disaster after successful phishing attack
Dark Reading: Cisco Confirms Data Breach, Hacked Files Leaked
