Cisco has revealed in its blog that they are aware of specific advanced attackers  targeting Cisco switches by leveraging a protocol misuse issue in the Cisco Smart Install Client. Sean Newman, Director of Product Management at Corero Network Security commented below.

Sean Newman, Director of Product Management at Corero Network Security:

“Recent reports from Cisco’s Talos team* of a vulnerability enabling attackers to potentially gain remote control of switch devices for nefarious purposes, is just another example of how many IT system features there are exposed to the Internet which were originally developed to make IT team’s lives easier but, are now resulting in security headaches. This report follows closely on the heels of recent DDoS attacks powered by the exploitation of the commonly deployed memcached system tool, which was also found to be exposed directly to the Internet in tens of thousands of cases. These examples demonstrate why organisations need to not only be more diligent about what systems and services they expose to the Internet themselves, but also have the right solutions in place to protect from attacks which are continually being developed to abuse these exposed services for nefarious purposes.  And, having dedicated, real-time, automatic, DDoS protection in place is a prime example of where many organisations are still deficient in their defences.”

Experts Comments

Stay Tuned! Our Information Security Experts Community is responding .....

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.