Cisco disclosed this week that it suffered a data breach last month, resulting in the compromise of some user data.The networking giant revealed the incident via an event disclosure page published to its website. According to the posting, an unidentified bad actor on July 24 targeted a Cisco representative in a voice phishing (vishing) attack that enabled the attacker "to access and export a subset of basic profile information from one instance of a third-party, cloud-based customer relationship management (CRM) system that Cisco uses." In a vishing attack, a threat actor uses their voice (or a synthetic one generated with something like a large language model) to trick a target into giving up personal information. Depending on the circumstance, this could include a voicemail from a fake CEO asking for a gift card, a call from someone posing as IT personnel asking for VPN credentials or remote access, or some other individual — whoever the attacker needs to be to exploit the target's trust.Cisco did not specify the nature of the vishing attack.

Vishing is a years-old threat actor tactic, but if you think you're safe or will be able to spot an attacker when they come for you, don't be so sure. The rise of generative AI as a tool in the threat actor toolkit means that social engineering attacks are more sophisticated than ever before.Using AI, attackers can synthesize their voice to sound like an executive or craft a believable email. But even though spear-phishing is more advanced than it used to be, good security hygiene can go a long way.If you receive a suspicious email, check where it came from or forward it to the correct department. If you get a voice memo or call asking for sensitive information, confirm its validity through a separate line of communication (or in person, if possible). Consider user training to familiarize employees with emerging social engineering tactics, as well as phishing-resistant authentication, such as physical FIDO keys where appropriate.

Every cybersecurity incident is an opportunity to learn, strengthen our resilience, and help the wider security community," the disclosure read. "We are implementing further security measures to mitigate the risk of similar incidents occurring in the future, including re-educating personnel on how to identify and protect against potential vishing attacks.