Threat Post

Cisco Patches Hardcoded SSH Key Vulnerability in UCM

The Cisco Unified Communications Domain Manager contains a default private SSH key that could allow an attacker to run arbitrary code on vulnerable installations. The bug is about as serious as they ...
Threat Post

Default SSH Key Found in Many Cisco Security Appliances

Many Cisco security appliances contain default, authorized SSH keys that can allow an attacker to connect to an appliance and take almost any action he chooses. Many Cisco security appliances contain ...
ZDNet

Cisco's warning: Patch now, critical SSH flaw affects Nexus 9000 fabric switches

Cisco has revealed that its Nexus 9000 fabric switches have a critical flaw that could allow anyone to remotely connect to a vulnerable device using Secure Shell (SSH) and control it with root user ...
IT News For Australia Business

Cisco plugs default SSH key security hole

Cisco has released patches to address default SSH key vulnerabilities in its Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance ...
Bleeping Computer

Cisco warns of large-scale brute-force attacks against VPN services

Cisco warns about a large-scale credential brute-forcing campaign targeting VPN and SSH services on Cisco, CheckPoint, Fortinet, SonicWall, and Ubiquiti devices worldwide. A brute force attack is the ...
Ars Technica

PSA: Cisco fixes hard-coded credentials and default SSH key issues

A hardcoded backdoor account in a Cisco product? It must be a day that ends in y. Actually, I am not surprised that they keep 'finding' them. It helps keep support contracts looking like a 'good ...