| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 3 May 2019 07:36:10 +0000 (UTC) From: InfoSec News <alerts@...osecnews.org> To: isn@...ts.infosecnews.org Subject: [Newsletter/Marketing] [ISN] Sinister secret backdoor found in networking gear perfect for government espionage: The Chinese are -- oh no, wait, it's Cisco again https://www.theregister.co.uk/2019/05/02/cisco_vulnerabilities/ By Iain Thomson in San Francisco The Register 2 May 2019 Right on cue, Cisco on Wednesday patched a security vulnerability in some of its network switches that can be exploited by miscreants to commandeer the IT equipment and spy on people. This comes immediately after panic this week over a hidden Telnet-based diagnostic interface was found in Huawei gateways. Although that vulnerability was real, irritating, and eventually removed at Vodafone's insistence, it was dubbed by some a hidden backdoor perfect for Chinese spies to exploit to snoop on Western targets. Which, of course, comes as America continues to pressure the UK and other nations to outlaw the use of Huawei gear from 5G networks over fears Beijing would use backdoors baked into the hardware to snatch Uncle Sam's intelligence. Well, if a non-internet-facing undocumented diagnostic Telnet daemon is reason enough to kick Huawei kit out of Western networks, surely this doozy from Cisco is enough to hoof American equipment out of British, European and other non-US infrastructure? Fair's fair, no? [...] -- Subscribe to InfoSec News https://www.infosecnews.org/subscribe-to-infosec-news/ https://twitter.com/infosecnews_
Powered by blists - more mailing lists