LONDON (IT BOLTWISE) – The recent cyberattacks on the renowned auction house Sotheby’s and the exploitation of security vulnerabilities in Cisco systems highlight the challenges of cybersecurity. As Sotheby’s grapples with a data breach involving sensitive information, hackers are exploiting vulnerabilities in Cisco software to install malicious rootkits.
Today’s daily deals at Amazon! ˗ˋˏ$ˎˊ˗
The cybersecurity landscape is becoming increasingly complex, as demonstrated by recent incidents at Sotheby’s and Cisco. Sotheby’s, one of the world’s most prominent auction houses, was the victim of a cyberattack on July 24 that stole sensitive data such as Social Security numbers and financial information. Despite comprehensive security measures, including multi-layered defenses and regular system updates, the attackers managed to break into the systems. The identity of the attackers remains unknown, highlighting the challenge organizations face in securing their data.
In parallel, Trend Micro is warning of a campaign called Operation Zero Disco that exploits a security vulnerability in Cisco IOS Software and IOS XE Software. This vulnerability, classified as CVE-2025-20352, allows attackers to install Linux rootkits on older, unprotected systems. Although Cisco closed the vulnerability last month, the incident highlights the importance of continually updating and monitoring systems to prevent such attacks.
Microsoft has also taken action to disrupt a ransomware campaign by the Vanilla Tempest group. By revoking over 200 certificates used by the group to sign their malware, Microsoft was able to curb the spread of Rhysida ransomware. This group, active since 2021, primarily targets the education and health sectors. The use of SEO poisoning to lure victims to infected installation pages highlights the sophistication of modern cyberattacks.
Another example of the ongoing threats is a phishing campaign claiming to be from LastPass. The attackers send emails with the subject “We’ve been hacked – update your LastPass desktop app” to lure users to phishing sites. While LastPass works to remove the fraudulent domains, Cloudflare has set up warning pages to protect visitors from the dangers.
These incidents highlight the need to continually improve and adapt cybersecurity strategies. Companies must not only rely on technological solutions, but also regularly train and educate their employees to minimize the risk of attacks. Collaboration between companies, security researchers and governments is crucial to effectively address growing threats in the digital space.
*Order an Amazon credit card with no annual fee with a credit limit of 2,000 euros! a‿z
Bestseller No. 1 ᵃ⤻ᶻ “KI Gadgets”
Bestseller No. 2 ᵃ⤻ᶻ “KI Gadgets”
Bestseller No. 3 ᵃ⤻ᶻ “KI Gadgets”
Bestseller No. 4 ᵃ⤻ᶻ «KI Gadgets»
Bestseller No. 5 ᵃ⤻ᶻ “KI Gadgets”
Please send any additions and information to the editorial team by email to de-info[at]it-boltwise.de. Since we cannot rule out AI hallucinations, which rarely occur with AI-generated news and content, we ask you to contact us via email and inform us in the event of false statements or misinformation. Please don’t forget to include the article headline in the email: “Cyber attacks on Sotheby’s and Cisco: Security gaps in focus”.