“China found the backdoors we installed for the NSA, buy our new product with different backdoors.”
Comment on Backdoored firmware lets China state hackers control routers with “magic packets”
halfempty@kbin.social 8 months ago
"Cisco said the threat actors are compromising the devices after acquiring administrative credentials and that there’s no indication they are exploiting vulnerabilities. Cisco also said that the hacker’s ability to install malicious firmware exists only for older company products. Newer ones are equipped with secure boot capabilities that prevent them from running unauthorized firmware."
RobotToaster@mander.xyz 8 months ago
Unaware7013@kbin.social 8 months ago
I wonder if they're using default/hard coded creds (Ciscos have had a ton of them) or if its just bad password hygiene on the admins' part.
partial_accumen@lemmy.world 8 months ago
Hardcoded creds seems like a really bad idea on a network appliance. If they MUST have hardcoded creds how about they only work when sent through a serial console at least your attacker would have to have local physical access to the device.
ddkman@lemm.ee 8 months ago
I do agree, and Cisco immediately grabbed the occasion to push their shitty restrictive trusted boot policy. Which is worrying.
Aqarius@lemmy.world 8 months ago
“Good news everyone, our old products are compromised, and the only solution is to buy new ones!”