Language Selection

English French German Italian Portuguese Spanish

Black Hat conference: Cisco IOS often targeted by hackers

Filed under
Security

IT professionals constantly worry about the next computer virus or worm, but there is a greater threat that is often ignored - Cisco routers. While many people think of the router as a hardware device, Cisco IOS, the software that powers the vast majority of routers is vulnerable to attack. Today, at the Black Hat computer security conference in Las Vegas, security expert Michael Lynn demonstrated just how easily a router can be taken over.

Routers are vital to the Internet as they route and prioritize traffic around the world. Using various techniques that we will explain in a later article, Lynn was able to move memory values within a Cisco router, thereby gaining the "enable" prompt or administrator access.

Full Article.

Cisco hits back at flaw researcher

Cisco Systems has taken legal action to keep a researcher from further discussing a hack into its router software.

The networking giant and Internet Security Systems jointly filed a request Wednesday for a temporary restraining order against Michael Lynn and the organizers of the Black Hat security conference.

Lynn alledgedly decompiled Cisco's software for his research and by doing so violated the company's rights. "It is our belief that the information that Lynn presented at Black Hat this morning is information that was illegally obtained and violated our intellectual property rights," a Cisco spokesman said.

Full Story.

----
You talk the talk, but do you waddle the waddle?

Researcher Lost Job after Cisco presentation

The Michael Lynn story keeps getting more interesting. The computer security researcher lost his job at Internet Security Systems today after he briefed Black Hat conference attendees about a flaw in the software that powers Internet routers made by Cisco Systems. The latest is that Lynn has been served with a temporary restraining order designed to prevent him from discussing any more details about the flaw.

Full Story.

----
You talk the talk, but do you waddle the waddle?

Flaw researcher settles dispute with Cisco

Michael Lynn, a former Internet Security Systems researcher, and the Black Hat organizers agreed to a permanent injunction barring them from further discussing the presentation Lynn gave Wednesday. The presentation showed how attackers could take over Cisco routers, a problem that Lynn said could bring the Internet to its knees.

The injunction also requires Lynn to return any materials and disassembled code related to Cisco, according to a copy of the injunction, which was filed in U.S. District Court for the District of Northern California. The injunction was agreed on by attorneys for Lynn, Black Hat, ISS and Cisco.

Lynn is also forbidden to make any further presentations at the Black Hat event, which ends Thursday, or the following Defcon event. Additionally, Lynn and Black Hat have agreed never to disseminate a video made of Lynn's presentation and to deliver to Cisco any video recording made of Lynn.

Full Story.

----
You talk the talk, but do you waddle the waddle?

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Kernel Space: Graphics

Early Ubuntu 14.04 vs. Ubuntu 16.04 Intel Xeon E5 Benchmarks

This morning I posted some Ubuntu 14.04 vs. 16.04 LTS Radeon graphics benchmarks while if open-source AMD graphics driver evolution doesn't get you excited, in this article are results from other non-graphics benchmarks in comparing the Ubuntu 14.04 vs. 16.04 performance for these long-term support releases in their current form. For getting an idea how the overall Ubuntu Linux performance has evolved over the past two years for those solely riding Long-Term Support releases, I compared the performance of Ubuntu 14.04.0 to Ubuntu 16.04 LTS in its current daily ISO form. The tests were done on the same Intel Xeon E5-2687W v3 (Haswell) system with MSI X99S SLI PLUS motherboard, 16GB of RAM, and AMD FirePro V7900 graphics. Read more Also: ‘Android OEMs Will Ship Ubuntu Phones This Year’, Say Canonical

Top Android apps for your Raspberry Pi

Mostly, our tutorials are about completing a specific project and reaching a particular goal. However, this time we’re doing something a bit different. We are showing you some Android apps that you can use along with your Ras Pi. These apps aren’t tied to particular projects – you can use them whenever and as often as you like – but we think they can add something to your whole experience with the Pi. Read more

These 3 things are trying to kill Linux containers

For nearly two years, Linux containers have dominated the world of enterprise IT, and for good reason — among others, they take on issues that virtualization simply cannot within application development and computing at scale and allow for the enterprise world to truly embrace concepts like devops and microservices (the Service Oriented Architecture dream from years gone by). That sound you hear is IT vendors stampeding towards the container bandwagon, but, as with every emerging tech trend, this isn’t always a good thing, as not everyone is walking the walk, regardless of what the business might actually say. Read more