Network Companies Cisco and Fortinet have issued warnings for vulnerabilities used in recently published exploits. In addition, confirmed former NSA employees, the authenticity of the exploits.
The Shadow Brokers, the group responsible for the publication, claiming that the exploits are from the Equation Group, which is linked to the US security NSA. Cisco and Fortinet warnings are issued for the vulnerabilities used in exploits in their software. Cisco is about leaks ASA devices and Fortinet has issued a warning for its FortiGate firmware. Thus the companies confirm the authenticity of the exploits, which earlier this week were tested by researchers on the products of companies. Upon publication by the Shadow was Brokers were not really immediately clear whether the exploits.
Cisco says that one of the two leaks found has already been resolved in 2011. This involves a leak that occurs in ASA-products with software version 8.4 (1) and below. The vulnerability made it possible for local and authenticated attacker to execute arbitrary code. The other leak, with reference CVE-2016-6366, is new, warns Cisco. The vulnerability exists in the Simple Network Management Protocol of the ASA software and also affects PIX firewalls. It is a buffer overflow , allowing an attacker to run code and to take over a system. Cisco has signatures released which this can be detected.
The leak in Fortinet’s firmware also relates to a buffer overflow. A special HTTP request send, an attacker can take over a device with this firmware. Fortinet claims that version 5 of its firmware is not vulnerable and that the leak occurs in firmware version 4 and below, which is released prior to August 2012. In the files of the Shadow Brokers are also exploits for Juniper products. That company has so far however not yet given a warning.
Former employees of the TAO department of the NSA confirmed to The Washington Post that it is indeed going to exploits of the NSA. “From what I’ve seen, there is no doubt that the files are really”, says one of them in front of the newspaper. Also security company Kaspersky revealed this week that there is a clear link between the leaked files and Equation Group. This had previously been identified by the company.
The Shadow Brokers claim to auction or sell it ‘better’ stocks amounting to 1 million bitcoin. On that a security researcher tells The Washington Post that the auction is a big joke, intended to distract. He adds that as easy to track money flows through Bitcoin that the purpose of such a large sum of ‘Madness’. The NSA has not yet comment on the leaked files.
No comments:
Post a Comment