The user had enabled password synchronization via Google Chrome and saved his Cisco credentials in his browser so that this information could be synchronized with his Google account. The initial access to the Cisco VPN was through the successful compromise of a Cisco employee's personal Google account. In this document, Cisco Talos discloses the details (this is to be commended, as this is usually left in the dark) of how the attack on the Cisco VPN was able to succeed. This includes any impact on Cisco products or services, sensitive customer data or sensitive employee information, Cisco intellectual property or supply chain. It also states that Cisco has not seen any impact of this incident on its business. No ransomware was observed or deployed, and Cisco has successfully blocked attempts to access Cisco's network since the incident was discovered. The good news Cisco wants to communicate in its post: in addition, steps were taken to address the impact of the incident and further protect the IT environment.
But the attackers were already on the company's IT network and had access to data there. As a result, immediate action was taken to contain and eliminate the attackers, to be sure.
The incident occurred months ago, as Cisco identified a security incident that targeted the company's IT infrastructure back on May 24, 2022. I already came across the information a few hours ago – following tweet also points out the facts (cyber attack on Cisco).Īccording to the Cisco post Cisco Event Response: Corporate Network Security Incident, dated August 10, 2022, the company was the victim of a cyber attack.
0 kommentar(er)
