Product
high
advisory
Cisco Duo Admin Login from Unusual Operating System
2 rules 1 TTP 2 IOCsDetection of Cisco Duo admin login attempts originating from operating systems not typically used in the environment, potentially indicating account compromise or unauthorized access.
Cisco Duo
cisco-duo
account-compromise
unauthorized-access
ttp
2r
1t
2i
medium
advisory
Cisco Duo Admin Login from Unusual Browser
2 rules 1 TTPDetects Cisco Duo admin logins from browsers other than Chrome, potentially indicating compromised credentials, session hijacking, or unauthorized device usage.
Cisco Duo
cisco-duo
credential-access
anomaly-detection
2r
1t
medium
advisory
Cisco Duo Policy Allowing Outdated Flash Usage
2 rules 1 TTPA Cisco Duo administrator may create or update a policy to allow the use of outdated Flash components, potentially increasing the attack surface by allowing exploitation of Flash vulnerabilities.
Cisco Duo +1
cisco_duo
policy_change
outdated_software
2r
1t