- 1519565080 bpthumb - Advanced Actors Target Smart Install Client

Cisco has recently become aware of specific targeting Cisco switches by leveraging a protocol misuse issue in the Cisco . Several incidents in multiple countries, including some specifically targeting critical infrastructure, have involved the misuse of the Smart protocol. Some of these attacks are believed to be associated with nation-state actors, such as those described in U.S. CERT’s recent alert. As a result, we are taking an active stance, and are urging customers, again, of the elevated risk and available remediation paths.

 

On Feb. 14, 2017, Cisco’s Product Incident Response Team (PSIRT) released an advisory detailing active scanning associated with Cisco Smart Install Clients. The Cisco Smart Install Client is a legacy utility designed to allow no-touch installation of new Cisco equipment, specifically Cisco switches. As a response to this activity, Cisco Talos published a blog and released an open-source tool that scans for devices that use the Cisco Smart Install protocol. In addition to the release of the scanning tool, additional coverage has been released for Snort (SID: 41722-41725) to detect any attempts to leverage this type of technology.

Read More >>

Tags:



Source link

LEAVE A REPLY

Please enter your comment!
Please enter your name here