From Our Partners at KnowB4:
As social engineering continues to grow as a primary method of hacking attempts, another global technology firm has been identified as the target of a social engineering hacking campaign. Global software and cloud computing manufacturer Cisco has disclosed a security incident that occurred as a result of sophisticated voice phishing attacks that targeted employees, according to researchers at Cisco Talos. The researchers believe the attack was carried out by an initial access broker with the intent of selling access to the compromised accounts to other threat actors. Cisco Talos explains that the attackers first gained access to Cisco’s networks after hacking an employee’s personal Google account, then stole the employee’s Cisco passwords via Google Chrome’s password syncing feature. The attackers then used various social engineering tactics to expand their access.