{"id":191639,"date":"2026-02-26T11:05:00","date_gmt":"2026-02-26T16:05:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/02\/26\/nsa-joins-asds-acsc-and-others-to-release-a-cybersecurity-alert-and-related-hunt-guide-on-cisco-sd-wan-systems\/"},"modified":"2026-02-28T15:05:21","modified_gmt":"2026-02-28T20:05:21","slug":"nsa-joins-asds-acsc-and-others-to-release-a-cybersecurity-alert-and-related-hunt-guide-on-cisco-sd-wan-systems","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/02\/26\/nsa-joins-asds-acsc-and-others-to-release-a-cybersecurity-alert-and-related-hunt-guide-on-cisco-sd-wan-systems\/","title":{"rendered":"NSA Joins ASD\u2019s ACSC and Others to Release a Cybersecurity Alert and Related Hunt Guide on Cisco SD-WAN Systems"},"content":{"rendered":"

NSA Joins ASD\u2019s ACSC and Others to Release a Cybersecurity Alert and Related Hunt Guide on Cisco SD-WAN Systems<\/a><\/p>\n

https:\/\/www.nsa.gov\/Press-Room\/Press-Releases-Statements\/Press-Release-View\/Article\/4416296\/nsa-joins-asds-acsc-and-others-to-release-a-cybersecurity-alert-and-related-hun\/<\/a><\/p>\n

Publish Date: 2026-02-26 11:05:00<\/a><\/p>\n

Source Domain: www.nsa.gov<\/a><\/p>\n

Author: <\/a><\/p>\n

Using an unordered list, summarize the following article with between 4 and 8 key points. <\/p>\n

FORT MEADE, Md. \u2013 The National Security Agency (NSA), the Australian Signals Directorate\u2019s Australian Cyber Security Centre (ASD\u2019s ACSC), and other agencies have issued the Cybersecurity Alert “Exploitation of Cisco SD-WAN Appliances,” and a corresponding, “Cisco SD-WAN Threat Hunt Guide.”The alert warns of malicious cyber actors targeting Cisco Catalyst Software Defined Wide Area Network (SD-WAN) systems used globally. The Hunt Guide details the tactics, techniques, and procedures (TTPs) used by the actors, and helps organizations identify and investigate potential compromise of their Cisco Catalyst SD-WAN systems.For over a year, malicious actors exploited vulnerabilities in Cisco SD-WANs. Most notably, by leveraging a previously unknown (zero-day) vulnerability, CVE-2026-20127, these actors introduced a malicious rogue peer, gained authenticated access, and established persistent, long-term presence within the compromised SD-WAN networks.Cybersecurity professionals and network administrators are strongly advised to take immediate action to ensure all Cisco Catalyst SD-WAN devices are fully patched to the appropriate Fixed Release version. They are also advised to hunt for evidence of compromise, as described in the Hunt Guide, and apply Cisco\u2019s SD-WAN hardening guidance to reduce risks. Patching, executing the Hunt Guide, and reviewing the SD-WAN hardening guidance in full is crucial for high-confidence network security.Co-sealing this Cybersecurity Alert and Hunt Guide are the National Security Agency (NSA); Cybersecurity and Infrastructure Security Agency (CISA); Australian Signals Directorate\u2019s Australian Cyber Security Centre (ASD\u2019s ACSC); Canadian Centre for Cyber Security (Cyber Centre); New Zealand\u2019s National Cyber Security Centre (NCSC-NZ); and United Kingdom\u2019s National Cyber Security Centre (NCSC-UK).Read the full reports.
\nExploitation of Cisco SD-WAN Appliances
\nCisco SD-WAN Threat Hunt Guide
\nCisco Security Advisory – Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
\nCisco Security Advisory – Cisco Catalyst SD-WAN VulnerabilitiesVisit our full library for more cybersecurity information and technical guidance.<\/p>\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

NSA Joins ASD\u2019s ACSC and Others to Release a Cybersecurity Alert and Related Hunt Guide…<\/p>\n","protected":false},"author":1,"featured_media":191640,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/media.defense.gov\/2026\/Feb\/26\/2003880854\/1920\/1080\/0\/260226-D-AB123-1001.PNG","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24,29,27],"class_list":["post-191639","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity","tag-network-security","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/191639"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=191639"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/191639\/revisions"}],"predecessor-version":[{"id":191641,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/191639\/revisions\/191641"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/191640"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=191639"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=191639"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=191639"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}