Thread regarding Cisco Systems Inc. layoffs

Cisco VPN debacle

So last friday we were all told to change passwords within 24 hrs. There was a breach. Since Monday, thousands of cisco people could not get vpn or duo to authenticate so for 4 days, many could not access our internet sites, tools, etc. only webex and email. Internal support has not publicly addressed or communicated anything. Waited 2 hrs on hold for internal support. They could not give a date on resolution! Now we know how out customers feel about our cr-p software and product support!

by
| 8576 views | | 50 replies (last ) | Reply
Post ID: @OP+1h3CJ0S6

50 replies (most recent on top)

On cisco check in, chuck say nothing about problems. In q&a message board peoples complaining but lame denial redponse from cisco. They continues to lie to employees. Also, chuck had big dark bags under eyes. Looks like kangaroo pouch full of little animals.

by
| | Reply
Post ID: @bgnm+1h3CJ0S6

On Maria’s watch

by
| | Reply
Post ID: @9xff+1h3CJ0S6

I thought Cisco had self-defending networks. Did it not self defend?? WTF??

by
| | Reply
Post ID: @9ltm+1h3CJ0S6

Juniper was not hacked. Arista was not hacked. Palo Alto Networks was not hacked. But Cisco WAS HACKED.
Guess where customers are going to buy their network and security gear from next time. Definitely not old Cisco. Done, done and done!

by
| | Reply
Post ID: @8nav+1h3CJ0S6

Juniper was not hacked. Arista was not hacked. Palo Alto Networks was not hacked. But Cisco WAS HACKED.
Guess where customers are going to buy their network and security gear from next time. Definitely not old Cisco. Done, done and done!

by
| | Reply
Post ID: @8plx+1h3CJ0S6

I heard it was related to this:

www.bleepingcomputer.com/news/security/us-chinese-govt-hackers-breached-telcos-to-snoop-on-network-traffic

by
| | Reply
Post ID: @8tfw+1h3CJ0S6

The fact that we have some poor bloke adding serial numbers into tables to try to get authentication is stunning. The subcontinent looks to be hit hard. Means sw quality to get worse.

by
| | Reply
Post ID: @6olr+1h3CJ0S6

Nothing works. Has nothing to do with the soft co-k muppet talking about password reset- must be a se--o. Duo, anyconnect issues not resolved. Another away day for us.

by
| | Reply
Post ID: @6vlz+1h3CJ0S6

Well, this week I did absolutely nada and I will be paid. No wonder Cisco is sinking. I hope this issue goes on for another 3 weeks.

by
| | Reply
Post ID: @6bah+1h3CJ0S6
You can’t connect to VPN and here is where you come for help? Are you kidding me?

After all my experience with Cisco IT, I prefer to ask for help in this forum as well.

by
| | Reply
Post ID: @5pqu+1h3CJ0S6

You can’t connect to VPN and here is where you come for help? Are you kidding me?

by
| | Reply
Post ID: @5pgi+1h3CJ0S6

You are m0r0ns. How hard is it for you to change your password. My entire team and extended team had zero problems.

by
| | Reply
Post ID: @5hzw+1h3CJ0S6

I was locked out of my account with no warning this morning. I had to contact my manager (other side of world) to get a temporary password. The manager is instructed not to release a password unless there is video confirmation of the person’s identity.

by
| | Reply
Post ID: @5mzy+1h3CJ0S6

@3och+1h3CJ0S6 stop bullshitting ppl. There was no Ukrainian or Russian based IT support ever.

by
| | Reply
Post ID: @5bbl+1h3CJ0S6

Like a breaching whale. Heaps of people locked out of their computers and directors handing out duo codes like viagra at Impact. The blokes are not too bothered by it- like having free time off. More quality time with the VBs.

by
| | Reply
Post ID: @5gcl+1h3CJ0S6

I can't connect to cisco vpn? Is this new issue? anybody can't connect too?

by
| | Reply
Post ID: @4adx+1h3CJ0S6

Cybersecurity researchers are calling attention to a zero-day flaw in Microsoft Office that could be abused to achieve arbitrary code execution on affected Windows systems.

The vulnerability came to light after an independent cybersecurity research team known as nao_sec uncovered a Word document ("05-2022-0438.doc") that was uploaded to VirusTotal from an IP address in Belarus.

"It uses Word's external link to load the HTML and then uses the 'ms-msdt' scheme to execute PowerShell code," the researchers noted in a series of tweets last week.

According to security researcher Kevin Beaumont, who dubbed the flaw "Follina," the maldoc leverages Word's remote template feature to fetch an HTML file from a server, which then makes use of the "ms-msdt://" URI scheme to run the malicious payload.

by
| | Reply
Post ID: @4cqp+1h3CJ0S6

Oprah hacked Cisco. Confirmed. As a result, RTP is closing.

by
| | Reply
Post ID: @4lmx+1h3CJ0S6

You just know come next the next check in the comments section is going to be exploding with questions about what happened but the ELT will totally ignore them

by
| | Reply
Post ID: @4kgi+1h3CJ0S6

So if we did not get hacked or are dealing with a sustained attack, then we can all rest easy knowing we have poor leadership in our infosec, IT team, and BU supporting and testing what ever it is they are trying to implement and contain. At least communicate what’s going on rather than leaving people in the dark.

by
| | Reply
Post ID: @4onk+1h3CJ0S6
Folks why do you think we have been hacked? Have you got any proof?

Pretty sure we are battling a sustained “security incident”. They have been aggressively screwing down every security app out there, which is causing real problems — such as with VPN access.
I’ve also seen that there is now enhanced procedures to confirm one’s identity for access to change tokens or DUO profiles.
You don’t do this because it’s Pride month.

by
| | Reply
Post ID: @3voo+1h3CJ0S6

@3gkj+1h3CJ0S6, I have no proof, but the suspicion of our Russian employees doing something bad, is a reasonable fear.

There was a recent article about a zero-day exploit in a third-party app used widely by thousands of Cisco employees and the vendor didn't share details until a patch was ready, but by then some company announced that there was evidence of this exploit in the wild over the holiday weekend.

Putting two and two together and I'd say that Cisco was being very proactive to prevent this zero-day exploit from exposing Cisco. Whether or not Cisco was hacked via this exploit or not, we'll all have to wait and see what gets announced. But I'm thinking this is what caused the massive fire drills we've all been going through.

But, there are a sh-t ton of companies that use this third party app, so it's a big deal in the world of software development.

by
| | Reply
Post ID: @3yds+1h3CJ0S6

Folks why do you think we have been hacked? Have you got any proof? Any public or internal statements? Stop making these unfounded allegations against a company that puts food on your table every 2 weeks.

by
| | Reply
Post ID: @3gkj+1h3CJ0S6

40% of IT has been outsourced to Ukraine and Russia. Cisco cut all Russia employees and stopped paying them, looks like they are the ones who hacked Cisco or thru their exploits of backdoors. Ukraine emps can't work as they are fighting (males) in the war. Haven't been able to work for the past 4 business days as I can't connect to VPN. Can access email and webex. Good for me, just gettin' paid for nothin'

by
| | Reply
Post ID: @3och+1h3CJ0S6

Thousands are still not able to access Cisco internal via VPN. More people lost connection after they reset passwords over the weekend as per the latest request. A lot of us are on the webex space waiting for solution and watching the struggles. Check out INC7490298 for the latest

by
| | Reply
Post ID: @3jgd+1h3CJ0S6

Nothing to see here, move along.

by
| | Reply
Post ID: @3wzc+1h3CJ0S6

Can confirm. No security breach. Just preventative measure.

by
| | Reply
Post ID: @3hvh+1h3CJ0S6

Zero Trust Network Access .... MWAHAHAHA

by
| | Reply
Post ID: @3gyw+1h3CJ0S6

I never seen HR and IT so triggered as this thread. Their shills are replying on overload.
Changing passwords twice in a week is more than meets the eye for sure. I've never seen that done anywhere.

by
| | Reply
Post ID: @3fgh+1h3CJ0S6

@2ygc+1h3CJ0S6 is the dude responsible for Cisco's IT security. He is trying to push the narrative that Cisco was not hacked, that people were not asked to change their passwords, that Cisco is the #1 IT co in the world. Give us a Brake, dude.

by
| | Reply
Post ID: @3kqg+1h3CJ0S6

Now it’s starting to make sense why I got hired at 200k+ and have to change my pw 3 times… because there’s a bunch of grumpy old timers who don’t believe in security.

by
| | Reply
Post ID: @2rkf+1h3CJ0S6

@2nrc+1h3CJ0S6 why do you think we have been hacked? Have you got any proof? Any public or internal statements? Just because you don’t know the real reason behind our security being hardened does not mean that we have been hacked. No wonder Cisco is in such a state. Why wouldn’t they be with employees whose IQ levels are so poor.

@2gcp+1h3CJ0S6 I am sure it’s not working for you or anyone else who’s either smoking something exotic or off his/her/their medication. Thankfully, appears to be working for most others at Cisco - else we’d see an excess of 70K m0r0nic conspiracy theory posts here every nanosecond. There is no conspiracy theory here. Move on, wa-k off, let out some steam. And relax

by
| | Reply
Post ID: @2ygc+1h3CJ0S6

I got a 3rd email asking me to reset my password, gheeeee, what's up with all this fuss?
Who real hacked us? How can we be hacked so easily if we claim to be a tech giant with over 25yrs experience in tech? Somethin' don' add up.

by
| | Reply
Post ID: @2nrc+1h3CJ0S6

Last few comments sound like some PR the sky isn’t falling stunt and it ain’t working.

by
| | Reply
Post ID: @2gcp+1h3CJ0S6

@2zxh+1h3CJ0S6

That email was sent to holders of both AWS and GCP accounts. I don’t think there was a data breach at all. It’s just precautionary. There has been thousands of employees in Russia and Belarus who have been taken off payroll recently. I suspect it’s a precaution, if not preventive measure against that. They were taken off internal systems immediately back in Feb but probably not the public cloud accounts.

by
| | Reply
Post ID: @2qmm+1h3CJ0S6

I have a GCP account and got an email saying my id associated with my GCP account is going to be automatically reset today. I don’t think it’s Cisco that had data breach if they did they’d need to inform employees. I think GCP had data breach.

by
| | Reply
Post ID: @2zxh+1h3CJ0S6

"The #1 IT company got hacked,"

Prove your claim please. At least back it up with verifiable sources, else you're just making schitt up.

by
| | Reply
Post ID: @2cph+1h3CJ0S6

“ May you kindly advice why a company ask their all employees to reset password two times in a week please? Breach doesn't mean a company lost all its assets, there are different stages in a breach (MITRE ATT&CK steps)...”

I know very well what a breach is. The OP clearly stated that the email mentioned a breach and that is a lie.

Besides, there can be multitude of reasons why such a steps need to be taken besides a breach ( even a b”breach” serves the purpose of sensationalism on a conspiracy site) . it could be heightened threat alerts - I know of at least one other Silicon Valley company who are also doing the same , to harden security due to perceived threats from Russia.

by
| | Reply
Post ID: @2asj+1h3CJ0S6
I just got a email to change my password yet again after I already changed it…..

So you immediately jumped on this site to tell the world. Stupid. Glad Cisco doesn't share sensitive info with you.

by
| | Reply
Post ID: @2dlf+1h3CJ0S6

The #1 IT company got hacked, what a joke. No wonder our security products are not selling that well as compared to PAN/Fortinet/Checkpoint, etc

by
| | Reply
Post ID: @2xnn+1h3CJ0S6

Post a reply

: