Ransomware gang exploits Cisco flaw in zero-day attacks since January
Summary
The Interlock ransomware gang has been actively exploiting a critical remote code execution vulnerability in Cisco's Secure Firewall Management Center (FMC) software. The attacks have been ongoing since January and were carried out as zero-day exploitation, meaning Cisco had not yet released a patch.
IFF Assessment
FOE
This is bad news for defenders: a critical vulnerability is being actively exploited in the wild with no patch available.
Severity
10.0 Critical (AI Estimated)
Defender Context
Defenders should be aware of this active exploitation and prioritize patching their Cisco Secure Firewall Management Center instances as soon as a fix is available. This highlights the risk of zero-day exploits and the importance of proactive threat hunting and incident response capabilities.