recommended reading

Threatwatch

300 Cisco Switches Vulnerable to Flaw in WikiLeaks’ CIA Dump

Software vulnerability

The Cisco security team issued a critical advisory after combing through WikiLeaks' dump of alleged CIA hacking tools.

The Friday alert disclosed a vulnerability in the cluster management protocol in Cisco IOS and Cisco IOS XE software that could allow a remote attacker to control devices. The flaw may affect 300 switches.

Cisco said there are no workarounds for the issue, but the company recommends disabling the Telnet protocol for incoming connections and using the Secure Shell protocol.

WikiLeaks boasted its Vault 7 documents include “dozens of zero days” though it did not publish the code, so the claims are hard to verify. The website also said it would share the zero days with affected tech companies, but Motherboard reported WikiLeaks is waiting until certain, undisclosed demands are met.   

sector

Telecommunications

reported

March 20, 2017

reported by

ZDNet

number affected

Unknown

location of breach

Unknown

perpetrators

Unknown

location of perpetrators

Unknown

date breach occurred

Unknown

date breach detected

Unknown