
Alleged Kraken ransomware hack denied by Cisco


Cisco has repudiated the purported compromise of its internal network by the Kraken ransomware operation, which proceeded to post sensitive information allegedly stolen from its systems, according to Hackread.

Kraken ransomware was reported to have claimed the theft of Cisco's Windows Active Directory environment credentials, usernames and related domains, accounts' unique relative identifiers, and NTLM hashes, obtained through several credential dumping tools. Cisco disclosed that the stolen credentials had already been exposed in a breach nearly three years ago. "The incident referenced in the reports occurred back in May 2022, and we fully addressed it at that time. Based on our investigation there was no impact to our customers," said Cisco, which previously noted that the intrusion, attributed to a UNC2447-linked initial access broker, had not resulted in the infiltration of any critical internal systems. This reemergence of previously exfiltrated information emphasizes the importance of proactive security defenses against mounting credential-based cyberattacks.
