Cisco Hacked: Kraken Ransomware Group Leaks Internal Credentials

Cisco has reportedly suffered a significant data breach, with sensitive internal network credentials leaked online. The Kraken ransomware group claims responsibility, publishing a dataset on its dark web blog that includes usernames, security identifiers (SIDs), and NTLM password hashes. The data appears to have been extracted from Cisco’s Windows Active Directory environment using credential-dumping tools like Mimikatz.

 

Expert Analysis:

Despite Cisco’s reputation for robust security, this breach reveals a critical vulnerability within its internal defenses. The exposure of NTLM password hashes is particularly alarming, as it enables attackers to escalate privileges and move laterally within the network. This incident underscores a harsh reality: even industry leaders are not immune to sophisticated cyberattacks. It serves as a stark reminder that in cybersecurity, complacency is the enemy, and continuous vigilance is paramount.

 

Read the full article here.

NY, USA - FEBRUARY 29, 2020: Homepage of cisco website on the display of PC, url - cisco.com.

Stay informed with us!

You can subscribe to our monthly cybersecurity newsletter to receive updates about us and the industry

Blog

Check the latest updates on threats, stories, events and analysis.

Discord ID card breach

When Customer Support Becomes the Weakest Link: Lessons from the Discord Breach

  • Data Breach, News
How Businesses Can Protect Themselves From MatrixPDF Attacks

MatrixPDF Puts Gmail Users at Risk with Malicious PDF Attachments

  • Malware
Swiss e-ID and UAE Pass

Swiss e-ID vs UAE Pass: managing digital government identity

  • Article

More posts