Cisco Security seeing Uptick in WebEx Phishing
Cisco Security is seeing a uptick in reported phishing emails requesting users to update their Cisco WebEx client immediately to secure a vulnerability.
Cyber threat actors are using new and targeted attempts, even obfuscating their intent with reporting real vulnerabilities in their phishing emails, attempting to steal user credentials by making them believe they are vulnerable and need to login to download the latest version or patches to their Cisco WebEx client.
Users who are affected by this phishing campaign could expose login information for their Cisco WebEx account.
Always verify the validity of email before clicking any links, do not download attachments you are not certain of, and keep your anti-virus up to date.
Palo Alto Networks Releases Security Updates
Palo Alto Networks has released several security updates for their PAN-OS, Traps, Cortex XDR, Global Protect Agent, and VM-Series Plugin. These security updates patch denial of service or priveledged escation, buffer overflow, and inadverdant collection of credentials vulnerabilities.
If these vulnerabilites are left unpatched the devices and software could be susceptible to DOS attacks or hostile takeover.
Palo Alto Networks recommends updating affected devices and software to the lastest versions as soon as possible.