• halfempty
    link
    fedilink
    411 year ago

    “Cisco said the threat actors are compromising the devices after acquiring administrative credentials and that there’s no indication they are exploiting vulnerabilities. Cisco also said that the hacker’s ability to install malicious firmware exists only for older company products. Newer ones are equipped with secure boot capabilities that prevent them from running unauthorized firmware.”

    • @Aqarius
      link
      English
      261 year ago

      “Good news everyone, our old products are compromised, and the only solution is to buy new ones!”

    • @[email protected]
      link
      fedilink
      English
      211 year ago

      “China found the backdoors we installed for the NSA, buy our new product with different backdoors.”

    • Unaware7013
      link
      fedilink
      201 year ago

      I wonder if they’re using default/hard coded creds (Ciscos have had a ton of them) or if its just bad password hygiene on the admins’ part.

      • partial_accumen
        link
        English
        241 year ago

        Hardcoded creds seems like a really bad idea on a network appliance. If they MUST have hardcoded creds how about they only work when sent through a serial console at least your attacker would have to have local physical access to the device.

      • @[email protected]
        link
        fedilink
        English
        91 year ago

        I do agree, and Cisco immediately grabbed the occasion to push their shitty restrictive trusted boot policy. Which is worrying.