lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Date: Fri, 3 May 2019 07:36:10 +0000 (UTC)
From: InfoSec News <>
Subject: [Newsletter/Marketing] [ISN] Sinister secret backdoor found in
 networking gear perfect for government espionage: The Chinese are -- oh
 no, wait, it's Cisco again

By Iain Thomson in San Francisco
The Register
2 May 2019

Right on cue, Cisco on Wednesday patched a security vulnerability in some of 
its network switches that can be exploited by miscreants to commandeer the IT 
equipment and spy on people.

This comes immediately after panic this week over a hidden Telnet-based 
diagnostic interface was found in Huawei gateways. Although that vulnerability 
was real, irritating, and eventually removed at Vodafone's insistence, it was 
dubbed by some a hidden backdoor perfect for Chinese spies to exploit to snoop 
on Western targets.

Which, of course, comes as America continues to pressure the UK and other 
nations to outlaw the use of Huawei gear from 5G networks over fears Beijing 
would use backdoors baked into the hardware to snatch Uncle Sam's intelligence.

Well, if a non-internet-facing undocumented diagnostic Telnet daemon is reason 
enough to kick Huawei kit out of Western networks, surely this doozy from Cisco 
is enough to hoof American equipment out of British, European and other non-US 
infrastructure? Fair's fair, no?


Subscribe to InfoSec News

Powered by blists - more mailing lists