SoylentNews
SoylentNews is people
https://soylentnews.org/

Title    Cisco Begins Patching an NSA Exploit Released by the Shadow Brokers
Date    Friday August 26 2016, @07:29PM
Author    martyb
Topic   
from the Snowden's-Shadow dept.
https://soylentnews.org/article.pl?sid=16/08/26/119251

takyon writes:

Cisco is releasing patches for an exploit disclosed by an entity calling itself the Shadow Brokers:

Cisco Systems has started releasing security patches for a critical flaw in Adaptive Security Appliance (ASA) firewalls targeted by an exploit linked to the U.S. National Security Agency. The exploit, dubbed ExtraBacon, is one of the tools used by a group that the security industry calls the Equation, believed to be a cyberespionage team tied to the NSA.

ExtraBacon was released earlier this month together with other exploits by one or more individuals who use the name Shadow Brokers. The files were provided as a sample of a larger Equation group toolset the Shadow Brokers outfit has put up for auction.

[...] There is a second Equation exploit in the Shadow Brokers leak that targets ASA software. It is called EpicBanana and exploits a vulnerability that Cisco claims was patched back in 2011 in version 8.4(3). Nevertheless, the company published a new advisory for the flaw in order to increase its visibility. A third exploit, BenignCertain, affects legacy Cisco PIX firewalls that are no longer supported. Cisco investigated the exploit and said only versions 6.x and earlier of the PIX software are affected. Users who still have such devices on their networks should make sure they're running software versions 7.0 and later, which are not affected.

There is speculation that the hacks are actually leaks from a "second (third?) Snowden". A linguistic analysis of the "broken English" used by the Shadow Brokers determined that the text was written by someone pretending to not know English.

Previously:
"The Shadow Brokers" Claim to Have Hacked NSA
NSA 'Shadow Brokers' Hack Shows SpyWar With Kremlin is Turning Hot

Original Submission

Links
  1. "takyon" - https://soylentnews.org/~takyon/
  2. "releasing patches for an exploit" - http://www.computerworld.com/article/3112315/security/cisco-starts-patching-firewall-devices-against-nsa-linked-exploit.html
  3. "Shadow Brokers" - https://theintercept.com/2016/08/19/the-nsa-was-hacked-snowden-documents-confirm/
  4. "was released earlier this month" - http://www.computerworld.com/article/3107926/security/nsa-hacked-top-cyber-weapons-allegedly-go-up-for-auction.html
  5. "a new advisory" - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-cli
  6. "speculation" - http://www.reuters.com/article/us-intelligence-nsa-commentary-idUSKCN10X01P
  7. "third?" - https://soylentnews.org/article.pl?sid=14/12/06/0950242
  8. "linguistic analysis" - https://motherboard.vice.com/read/the-shadow-brokers-nsa-leakers-linguistic-analysis
  9. ""The Shadow Brokers" Claim to Have Hacked NSA" - https://soylentnews.org/article.pl?sid=16/08/15/2251226
  10. "NSA 'Shadow Brokers' Hack Shows SpyWar With Kremlin is Turning Hot" - https://soylentnews.org/article.pl?sid=16/08/19/0242221
  11. "Original Submission" - https://soylentnews.org/submit.pl?op=viewsub&subid=15522
© Copyright 2024 - SoylentNews, All Rights Reserved

printed from SoylentNews, Cisco Begins Patching an NSA Exploit Released by the Shadow Brokers on 2024-04-24 18:48:08