Cyber security news for all

More

    Cisco has released security advisories for vulnerabilities

    Cisco has eliminated various software vulnerabilities with high and medium ratings and updated sloppy router firmware. Updates are available that Cisco customers should install quickly. A quick update to the latest firmware versions is particularly advisable for owners of the routers mentioned: They fix further potential security risks, which Cisco has broken down into separate notices.

    An appropriately filtered search query returns an overview of all security advisories as well as informational advisories for the router firmware on the Cisco website. The relevant versions and the corresponding update notes can be found in the advisories.

    Cisco security vulnerabilities

    Researchers have now discovered a way to install Cisco backdoors on some models of company routers. If you consider the usual treatment of routers, this could go undetected for a long time. The concept of the attack looks simple, but in reality it is quite complex: If the perpetrator gains access to a vulnerable router, he can upload a modified firmware and as soon as he gets remote access to the device, he can install plugins and the device continue to compromise.

    Careless Firmware Development

    The mentioned informational advisors describe that the development teams of the firmware for the small business routers RV016, RV042 or RV320 have slopped. External security researchers discovered the shortcomings and reported them to Cisco. Apparently, the firmware program code contained a static host key as well as several static certificates and key pairs, which were used for test purposes and were forgotten in the firmware upon delivery. However, Cisco emphasizes that these relics were no longer used in live operation. Cisco does not seem to see any great danger, since the firmware for user authentication does not use / etc / shadow. An attacker with access to the operating system of affected devices could theoretically have obtained root rights in this way; however, the company knows of no way in which it could have obtained this operating system access.

    Recent Articles

    Millions of RDP attacks on home offices

    Since the corona related move to the home office, the number of daily hacker attacks on remote desktop connections has increased more than tenfold....

    KuCion crypto confirms 150 million dollar security breach

    Cyber criminals were able to steal from the KuCion crypto and stole coins worth millions. On the evening of last Friday, KuCion crypto noticed...

    Hungarian banks were the target of a massive DDoS attack

    Several banks and the Hungarian Telekom have been the target of a cyber attack. The attacks are said to have come in several waves...

    The source code of Windows XP is leaked

    The source code of Windows XP is currently freely accessible. The media says that data first appeared on 4chan and is currently being exchanged...

    Hackers send malicious Azure Cloud apps to Microsoft

    Microsoft has banned some Azure Cloud applications from its cloud that the company identified as part of an attack infrastructure. Microsoft describes the approach...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox