Hackers Release Second Batch of Stolen Cisco Data

Category	Details
Threat Actors	IntelBroker, known for prior breaches (Apple, AMD, Europol).
Campaign Overview	Second batch of Cisco data leaked (4.84 GB) as part of a claimed 4.5 TB trove, stemming from an October 2024 breach. Hackers exploited a misconfigured public-facing DevHub resource.
Target Regions	Primarily Cisco’s internal data (global reach).
Methodology	Exploited an exposed DevHub resource without password protection or authentication to extract sensitive data.
Products Targeted	Cisco DevHub and internal systems; exposed data includes proprietary software, network configurations, cloud images, and cryptographic keys.
Malware Reference	Not applicable (data breach from misconfigured server).
Tools Used	Leveraged publicly exposed, misconfigured resources; no specific tools mentioned for the breach itself.
Vulnerabilities Exploited	Misconfigured, public-facing DevHub server without authentication or password protection.
TTPs	Exploitation of misconfigured systems; posting sensitive stolen data on breach forums; use of public repositories to expose proprietary and operational data.
Attribution	IntelBroker, a known hacker with a history of high-profile breaches.
Recommendations	Ensure secure configuration of public-facing resources, implement strict authentication and access controls, perform regular audits to identify exposed data, and enforce data access best practices.
Source	Hackread

Read full article: https://hackread.com/hackers-release-second-batch-of-stolen-cisco-data/

The above summary has been generated by an AI language model