SoylentNews is people
SoylentNews
Submitted via IRC for Bytram
Hackers are actively trying to exploit a high-severity vulnerability in widely used Cisco networking software that can give complete control over protected networks and access to all traffic passing over them, the company has warned.
When Cisco officials disclosed the bug last week in a range of Adaptive Security Appliance products, they said they had no evidence anyone was actively exploiting it. Earlier this week, the officials updated their advisory to indicate that was no longer the case.
"The Cisco Product Security Incident Response Team (PSIRT) is aware of public knowledge of the vulnerability that is described in this advisory," the officials wrote. "Cisco PSIRT is aware of attempted malicious use of the vulnerability described in this advisory."
The update didn't say how widespread the attacks are, whether any of them are succeeding, or who is carrying them out. On Twitter on Thursday, Craig Williams, a Cisco researcher and director of outreach for Cisco's Talos security team, wrote of the vulnerability: "This is not a drill..Patch immediately. Exploitation, albeit lame DoS so far, has been observed in the field."
(Score: 3, Insightful) by Runaway1956 on Monday February 12 2018, @09:10PM (6 children)
And, that's probably only busines/corporate owned stuff. Few home users are going to even notice this exploit. Maybe, just maybe, they'll become aware of it after their network has been hacked. Far more likely that only a couple percent of Cisco products are going to be patched.
(Score: 4, Informative) by frojack on Monday February 12 2018, @09:31PM (1 child)
Ah, but it is VPN stuff, the savior and first recommended solution to every mention of spying or hacking.
And its probably something those VPN termination sites use.
3000 Series Industrial Security Appliance (ISA)
ASA 5500 Series Adaptive Security Appliances
ASA 5500-X Series Next-Generation Firewalls
ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
ASA 1000V Cloud Firewall
Adaptive Security Virtual Appliance (ASAv)
Firepower 2100 Series Security Appliance
Firepower 4110 Security Appliance
Firepower 9300 ASA Security Module
Firepower Threat Defense Software (FTD)
No, you are mistaken. I've always had this sig.
(Score: 4, Funny) by FatPhil on Monday February 12 2018, @09:32PM
Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
(Score: 0) by Anonymous Coward on Tuesday February 13 2018, @12:00AM (2 children)
Do home consumers use Cisco stuff? I always thought they were pretty much marketed to business only.
(Score: 3, Interesting) by insanumingenium on Tuesday February 13 2018, @12:43AM
None of this stuff is anywhere near consumer class, all of the devices on this list that physically could have a serial port do. Cisco does make consumer products, but consumer products aren't likely to make too big of waves when they have exploits.
(Score: 2) by FatPhil on Tuesday February 13 2018, @05:50AM
Apropos of nothing - it's shite.
Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
(Score: 2) by insanumingenium on Tuesday February 13 2018, @12:48AM
Anyone who can run an ASA at home, knows better. You don't get one running on accident, even with "wizards".