Cisco Systems has discovered a critical vulnerability is its Cisco Voice Operating System software that allows an unauthenticated, remote hacker to gain elevated access to 12 types of Cisco Voice-OS products. Michael Patterson, CEO at Plixer commented below.
Michael Patterson, CEO at Plixer:
“Given the recent vulnerability in Cisco’s Voice Operating System, it is important for network and security professionals to be aware of rogue SSH communications on the network. If you see an SSH connection to a device on the network from a client that normally doesn’t have SSH traffic, it may be a good idea to investigate to see why this connection is being made. Network Traffic Analytics (NTA) should be deployed to gather flows and metadata from every conversation on the network to provide visibility and alert you to rogue SSH traffic. Additionally, keeping systems updated with the latest security patches is very important to help remediate such problems. Security and network professionals should be sure to subscribe to notifications of software security releases so they can properly patch vulnerable systems.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.