Ssecurity researchers revealed that several Cisco routers aimed at small businesses have the same embedded encryption keys. This can make it much easier for hackers to gain privileged access to the device. You can find more details on the story here.
وجد باحثون في مجال الأمن ان برامج التشغيل لعدد من أجهزه Cisco Router للشركات الصغيرة تحتاج تحديث firmware لها حتى لايتم اختراقها
Security researchers have found that the firmware for several Cisco small-business routers contains numerous security issues.https://t.co/1INNiv6xpy
— 🌍 #CyberSecurity ✍™ (@cybersec2030) November 7, 2019
Security researchers discovered that the same keys and certificates, which act as machine identities and control access to sensitive data, were embedded in several routers. This oversight makes it much easier for attackers to impersonate trusted machines or gain unauthorized, privileged access to these devices.
It\’s unfortunate that many organizations still haven’t realized how important machine identities are to security. For example, it would be unthinkable for an organization to use the same default password on multiple machines but similar missteps with keys and certificates are increasingly common.
The only way to prevent these kinds of mistakes is to put in place a strong machine identity protection program