Tag: BADCANDY Implant

The Australian Signals Directorate (ASD) has issued a bulletin regarding ongoing cyberattacks targeting unpatched Cisco IOS XE devices in Australia, utilizing a previously undocumented implant identified as BADCANDY. These attacks exploit CVE-2023-20198, a critical vulnerability that allows remote, unauthenticated attackers to gain elevated privileges.