Trending

News

A Notorious Hacker Leaks Cisco Data

Listen to this article

The notorious hacker IntelBroker announced in October that he and others had breached Cisco systems and obtained source code, certificates, credentials, confidential documents, encryption keys, and other types of information. The hacker claimed to have obtained source code associated with several major companies.

Cisco’s investigation showed that its systems had not been breached and that the data was actually obtained from a public-facing DevHub environment that serves as a resource center where customers can obtain source code, scripts, and other content.

The networking giant noted that while a majority of the data hosted in the DevHub environment was public, the hackers also obtained some files that were not intended for public download and were inadvertently published on the site due to a configuration error. The downloaded data included files related to some CX Professional Services customers.

Cisco initially said it had no evidence that confidential information such as sensitive personal information or financial data was compromised, but it has since removed this statement from its incident reports.

IntelBroker on Monday made available 2.9 GB of data obtained from the Cisco DevHub instance, claiming that the leaked files pertain to Cisco’s Catalyst, IOS, Identity Services Engine (ISE), Secure Access Service Edge (SASE), Umbrella, and WebEx products.

The leaked data, posted on the BreachForums cybercrime forum, includes JavaScript, Python, and other source code files, as well as certificates and library files.

The hacker claims to have downloaded 4.5 TB of data from the DevHub instance. IntelBroker previously claimed that a total of 800 GB of files were obtained, but the hacker is known to make claims that turn out to be exaggerated.

Cisco was reached out to last month for clarifications on the amount of data that was taken, but the company did not respond.

In response to IntelBroker’s new leak, Cisco said on Tuesday that it’s aware of the hacker’s posts and the company believes the files they reference are the ones previously identified during its investigation.

“As noted in prior updates, we are confident that there has been no breach of our systems, and we have not identified any information in the content that an actor could have used to access any of our production or enterprise environments,” Cisco said on Tuesday.
Cyberkitera

Cyberkitera is a premier cybersecurity publishing platform dedicated to providing the latest insights, expert security tips, and news across all areas of cybersecurity. Our mission is to empower individuals and businesses with knowledge to prevent cyber threats, stay informed about emerging trends, and safeguard their digital assets. From industry updates to practical advice on protecting against cyber attacks, Cyberkitera is your trusted source for staying ahead in the ever-evolving world of cybersecurity.

view all posts

Related Posts

Post Comment

You May Have Missed