Cisco Talos managed to disrupt a major ransomware campaign that researchers believe netted a hacker more than $30 million per year. The team determined that the Angler Exploit Kit used proxy servers of service provider Limestone Networks, with the primary threat actor responsible for up to 50 percent of Angler Exploit Kit activity, according to a report on the Talos website. The attackers targeted as many as 90,000 victims per day.
Talos gained visibility into the network’s global activity through a collaboration with Level 3 Threat Research Labs. Thanks to this collaboration, the researchers were able to gain visibility into the attackers’ domain activity, Talos [...]
Britain's GCHQ used hacked Cisco routers to spy on Pakistan, according to NSA whistleblower Edward Snowden. The purpose of the router exploits was to help identify Middle Eastern terrorists operating in Pakistan.
The UK government did not provide comment on Snowden’s claims.
Cisco routers have been known to ship with bugs in the past, and this is not the first time it has been said that routers shipped to foreign countries were infected with malware. Previously, in 2013, Snowden claimed that the same tactic was used by the US government via the NSA to spy on Chinese networks. There was, however, some question as to whether Cisco was actually the company at [...]
Researchers have discovered significant, clandestine cyber attacks in countries across three continents where more than a dozen compromised Cisco routers have been found operating in the wild.
Security researchers at FireEye have uncovered more than a dozen compromised routers operating in the wild as part of attackers’ attempts to infiltrate corporate and government networks in four countries, according to a blog entry by the security firm.
“This is the ultimate spying tool, the ultimate corporate espionage tool, the ultimate cybercrime tool,” noted Dave DeWalt, FireEye Chief Executive.
The published article by [...]
The Cisco Unified Communications Domain Manager (Cisco CDM) is a service delivery and management platform that automates administrative functions for the Unity Connection and Jabber applications. The vulnerability would allow unauthenticated, remote attackers to log in with the privileges of the root user. Unfortunately, the account is hard-coded into the software installation and has a default, static password.
This exploit allows a hacker to take full control of the system. Furthermore, the static password and account credentials mean you hack one box, you hack them all. A system or network administrator has no workarounds available to change the software – or the [...]