Breaking News

G.SKILL Announces T5 Neo Series DDR5-6400 CL38 512GB (64GBx8) Overclocked R-DIMM Memory Kit with AMD EXPO Support for AMD Ryzen Threadripper PRO Workstations ZOTAC to Launch GeForce RTX 5090 ARCTICSTORM AIO & GeForce RTX 5060 Low Profile KIOXIA Commences Sample Shipments of 9th Generation BiCS FLASH 512Gb TLC Devices Synology Unveils DiskStation DS225 Plus New PS5 system update beta previews DualSense wireless controller pairing across multiple devices

logo

  • Share Us
    • Facebook
    • Twitter
  • Home
  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map

Search form

Cisco Routers Vulnerable To Attack: researchers

Cisco Routers Vulnerable To Attack: researchers

Enterprise & IT Sep 15,2015 0

Security researchers at FireEye, Mandiant say they have uncovered previously unknown attacks on the Cisco routers, allowing hackers to harvest data while going undetected by existing cybersecurity defenses. Routers maintain critical positions as they are located on the boundaries of a network as well as in the core. A router implanted with a backdoor provides attackers a very easy entry point to establish a foothold and compromise other hosts and critical data.

While this attack could be possible on any router technology, in this case, the targeted victims were Cisco routers. The Mandiant team found 14 instances of this router implant, dubbed SYNful Knock, across four countries: Ukraine, Philippines, Mexico, and India.

According to Cisco, "In the past, attackers were primarily targeting infrastructure devices to create a denial of service (DoS) situation. While these types of attacks still represent the majority of attacks on network devices, attackers are now looking for ways to subvert the normal behavior of infrastructure devices due to the devices' privileged position within the IT infrastructure. In fact, by owning an infrastructure device such as a router, the attacker may gain a privileged position and be able to access data flows or crypto materials or perform additional attacks against the rest of the infrastructure."

Routers are attractive to hackers because they operate outside the perimeter of firewalls, anti-virus, behavioral detection software and other security tools that organizations use to safeguard data traffic.

The implant uses techniques that make it very difficult to detect. A clandestine modification of the router's firmware image can be utilized to maintain perpetual presence to an environment. However, it mainly surpasses detection because very few, if any, are monitoring these devices for compromise.

The researchers said that addressing that new threat vector would require a different type of approach and would certainly reveal information about previously unknown compromises.

Cisco confirmed it had alerted customers to the attacks in August and said they were not due to any vulnerability in its own software. Instead, the attackers stole valid network administration credentials from targeted organizations or managed to gain for themselves physical access to the routers.

Tags: Hacking
Previous Post
SCEJ Press Conference 2015
Next Post
HyperX Releases Savage DDR4 Memory

Related Posts

  • MSI has been hacked, be warned about where you download files

  • Hackers gain access to PS5 Debug Menu and show decrypted PS5 firmware files

  • HP Threat Research Shows Attackers Exploiting Zero‐Day Vulnerability Before Enterprises Can Patch

  • EA Gets hacked - 780GB of data and sourcecode stolen

  • European Supercomputers Researching Covid-19 Report Hacking Attacks

  • Microsoft Offers You $100,000 If You Can Hack the Linux-based Azure Sphere

  • Zoom Users' Data have Been on Sale on Dark Web: report

  • Indonesia's Tokopedia Inverstigates Alleged Data Leak of 91 Million Users

Latest News

G.SKILL Announces T5 Neo Series DDR5-6400 CL38 512GB (64GBx8) Overclocked R-DIMM Memory Kit with AMD EXPO Support for AMD Ryzen Threadripper PRO Workstations
PC components

G.SKILL Announces T5 Neo Series DDR5-6400 CL38 512GB (64GBx8) Overclocked R-DIMM Memory Kit with AMD EXPO Support for AMD Ryzen Threadripper PRO Workstations

ZOTAC to Launch GeForce RTX 5090 ARCTICSTORM AIO & GeForce RTX 5060 Low Profile
GPUs

ZOTAC to Launch GeForce RTX 5090 ARCTICSTORM AIO & GeForce RTX 5060 Low Profile

KIOXIA Commences Sample Shipments of 9th Generation BiCS FLASH 512Gb TLC Devices
Enterprise & IT

KIOXIA Commences Sample Shipments of 9th Generation BiCS FLASH 512Gb TLC Devices

Synology Unveils DiskStation DS225 Plus
Enterprise & IT

Synology Unveils DiskStation DS225 Plus

New PS5 system update beta previews DualSense wireless controller pairing across multiple devices
Gaming

New PS5 system update beta previews DualSense wireless controller pairing across multiple devices

Popular Reviews

be quiet! Light Loop 360mm

be quiet! Light Loop 360mm

be quiet! Dark Mount Keyboard

be quiet! Dark Mount Keyboard

be quiet! Light Mount Keyboard

be quiet! Light Mount Keyboard

Noctua NH-D15 G2

Noctua NH-D15 G2

Soundpeats Pop Clip

Soundpeats Pop Clip

be quiet! Light Base 600 LX

be quiet! Light Base 600 LX

be quiet! Pure Base 501

be quiet! Pure Base 501

Terramaster F8-SSD

Terramaster F8-SSD

Main menu

  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map
  • About
  • Privacy
  • Contact Us
  • Promotional Opportunities @ CdrInfo.com
  • Advertise on out site
  • Submit your News to our site
  • RSS Feed