An advisory published by the US National Security Agency (NSA) on October 20th warns that attackers continue to exploit many high-profile vulnerabilities, including the Pulse Secure VPN, Citrix ADC, and F5 Big-IP flaws. The warning should be no surprise to anyone in the information security field by now. The advisory also mentioned that attackers are now also making use of CVE-2020-3118, one of the five vulnerabilities in the Cisco Discovery Protocol (CDP) for which a patch is available. At the same time the NSA published the advisory, Cisco updated its customer guidance to indicate that attackers are known to exploit this vulnerability in the wild; and urged its customers to install the patch. In order to attempt to exploit this vulnerability, an attacker would have to have control of a system on the internal network, on the same broadcast domain as the affected Cisco product. The NSA states that the threat group actively exploiting this vulnerability is from China, but does not specify more details to identify which group it has observed.
12 Essentials for a Successful SOC Partnership
Binary Defense
January 12, 2023
As cyber threats continue to impact businesses of all sizes, the need for round-the-clock security
