Cisco

Cisco got hit, and they immediately took control of the story.

The threat actors posted a directory of Drive C on their leak site.

The directory listed 3,176 files, comprising 2,875,897,023 bytes in 2111 directories.

That information matches what was sent as a tip.

It was determined that a Cisco employee’s credentials were compromised after an attacker gained control of a personal Google account where credentials saved in the victim’s browser were being synchronized.

The attacker conducted a series of sophisticated voice phishing attacks under the guise of various trusted organizations, attempting to convince the victim to accept multi-factor authentication (MFA) push notifications initiated by the attacker.

The attacker succeeded in achieving an MFA push acceptance, which granted them access to the VPN in the context of the targeted user.

Source: https://response.idx.us/crcs-information-texas/

"id": "CIS193201022",
"linkid": "cisco",
"type": "Cyber Attack",
"date": "08/2022",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"