Cisco Uncovers NSA’s Zero-Day Exploit

  • Saad Qureshi
  • Aug-18-2016
  • 0 Comments

The United States, California: After the exploit of NSA sponsored hacking team “Equation Group” by Shadow Brokers, the multinational US technology company “Cisco” has discovered two vulnerabilities which allow hackers to monitor and control the data passing through vulnerable Cisco networks.

Cisco has apparently patched one of the vulnerabilities known as CVE-2016-6366 and is looking forward to release signatures that will identify the exploits and prevent cyber goons from conducting an attack.

Cisco Uncovers NSA's Zero-Day Exploit

The NSA’s exploit unveiled a cyber weapon named as ExtraBacon, which can be utilized to conduct attacks on Cisco ASA (Adaptive Security Appliance) software. The ASA software primarily aims to secure firms’ network infrastructures, but with SNMP (Simple Network Management Protocol)vulnerability in place, an attacker can remotely execute malicious code on vulnerable Cisco network.

In addition to this, a separate attack code “EpicBanana” indexed as “CVE-2016-6367” exploited specific vulnerabilities in the firewall. The vulnerability allows an authenticated attacker to cause DoS (Denial of Service). On another hand, Cisco has confirmed that the ExtraBacon is the zero-day vulnerability that was unidentified to the company itself until the breach occurred.

However, it’s not the first time Cisco is bothered with security concerns. In 2014,”John Chambers”  CEO of Cisco reported the US President Barrack Obama about agencies secretly inserting malicious code in Cisco routers.

Cisco Uncovers NSA's Zero-Day Exploit

Saad Qureshi

Author

Saad Qureshi's Biography :


Saad is a privacy advocate by day and a Dota 2 player by night. He loves to share his knowledge, experience, and insights about internet freedom and online privacy. When he is not busy blogging about the latest trend in the tech world, he is engaged in killing noobs on Dota.