3 matches found
Cisco IOS XE vulnerability widely exploited in the wild
An authentication bypass affecting Cisco IOS X was disclosed on October 16, 2023. Researchers have found since then that the vulnerability is widely being exploited in the wild to help install implants on affected switches and routers. Cisco IOS XE is a universally deployed Internetworking...
Supporting Our U.S. Federal Customers for BOD 23–02 by Mitigating the Risk From Internet-Exposed Management Interfaces
On June 13, 2023, the U.S. Cybersecurity & Infrastructure Security Agency CISA released Binding Operational Directive BOD 23-02: Mitigating the Risk from Internet-Exposed Management Interfaces. The directive requires federal civilian executive-branch agencies to adhere to two primary actions:...
Qualys Responds to CISA Alert: Binding Operational Directive 23-02
The latest Binding Operational Directive from the Cybersecurity and Infrastructure Security Agency CISA BOD 23-02 requires agencies to take steps to reduce the attack surface created by insecure or misconfigured management interfaces across certain classes of devices. While this new mandate impac...