BADCANDY Chaos: Unpatched Cisco Devices Under Siege by Persistent Hackers
Australia’s Signals Directorate warns unpatched Cisco IOS XE devices are vulnerable to a known exploit, CVE-2023-20198, favored by the Salt Typhoon gang. Attackers install BADCANDY, a sneaky implant that detects and reinstalls itself upon removal. The fix? Patch those devices—or risk playing an endless game of malware whack-a-mole.
Hot Take:
Seems like cybercriminals are getting more creative than a toddler with a box of crayons! From implanting malware like BADCANDY on unpatched Cisco devices to phishing campaigns that eerily check if you’re six feet under, the cyber world is like an episode of “Black Mirror” with a twist of “Looney Tunes.” Someone better tell these hackers to stop watching Sci-Fi and start patching their moral compasses!
Key Points:
- ASD warns against BADCANDY implant on unpatched Cisco IOS XE devices, exploiting CVE-2023-20198.
- Defense contractor exec pleads guilty to selling cyber tools to Russia, facing up to 11 years in prison.
- Palo Alto Networks identifies new malware Airstalk targeting Omnissa’s Workspace ONE.
- Google Chrome will warn users of HTTP connections starting October 2024.
- LastPass users targeted in phishing scam asking if they’re dead to steal credentials.
Already a member? Log in here