By Eduard Kovacs on June 09, 2021
Cisco’s Smart Install protocol is still being abused in attacks five years after the networking giant issued its first warning and there are still roughly 18,000 internet-exposed devices that could be targeted by hackers.
Cisco describes Smart Install as a plug-and-play configuration and image-management feature that provides zero-touch deployment for new switches. Smart Install can be very useful for organizations, but it can also pose a serious security risk.
Once a device has been set up through Smart Install, the feature remains enabled and it can be accessed without authentication. This has allowed malicious actors to remotely target devices on which Smart Install is enabled, including to reload devices, load a new operating system image, and execute arbitrary commands with elevated privileges.
/PRNewswire/ Black Lotus Labs®, the threat intelligence arm of Lumen Technologies (NYSE: LUMN), recently uncovered a hacktivist campaign that leveraged.
Lumen veröffentlicht DDoS-Bericht für erstes Quartal 2021 pressnetwork.de - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from pressnetwork.de Daily Mail and Mail on Sunday newspapers.
New research looks at DDoS attacks that passed through Lumen scrubbing centers
Report includes a new blog that tracks attack methods recently used against Belgian government network
News provided by
Share this article
Share this article
DENVER, May 19, 2021 /PRNewswire/ Distributed Denial of Service (DDoS) attacks continue to evolve in complexity, frequency and scale. Lumen Technologies (NYSE: LUMN) tracks and mitigates these threats – including the Gafgyt and Mirai botnet families – and today the company released its quarterly DDoS report for Q1 2021. This research provides a view of the DDoS landscape with findings that both reinforce and expand on these trends.
GovInfoSecurity
Compliance
Compliance Twitter Get Permission
Security researchers have uncovered a flaw dubbed TsuNAME in DNS resolver software that can be used to carry out distributed denial-of-service attacks against authoritative DNS servers. Google and Cisco have resolved the issue in their DNS servers.
Authoritative DNS servers are the final holder of the IP of a domain, responsible for providing details about specific websites to DNS servers, including information on domain names and IP addresses. The security researchers, Giovane C. M. Moura, Sebastian Castro, John Heinemann and Wes Hardaker, note the flaw affects DNS resolvers, which play a key role in converting web links to IP addresses in authoritative DNS servers.