YAHOO is more serious than the leakage of more than 850 thousand CISCO devices are still affected by

More serious than YAHOO leaked! Over 850 thousand sets of CISCO equipment is still under the zero day vulnerabilities in YAHOO’s technology Sohu – the history of the largest single site leaked after the incident, the hacker cosine commented: compared to YAHOO leaked 500 million account information, more concern is the Cisco related equipment in the processing of IKEv1 data packets exist the attacker can directly lead to serious defects in the privacy of remote access memory (this process is similar to more than two years ago, the global "bleeding heart"). The clues before the code was leaked by lying in NSA equation group, codenamed "BENIGNCERTAIN" (Cisco think this vulnerability like "BENIGNCERTAIN"), it seems that everyone’s awareness is still relatively lagging behind, presumably because before only see the "BENGINCERTAIN" effect is Cisco PIX equipment in ancient times at present, nearly 860 thousand of the world… Cisco equipment affected by this vulnerability, risk! Study on the deep Shadowserver team is great. According to foreign media reported on 25 may softpedia9, from a recent CISCO network equipment scans showed that the world there are still hundreds of thousands of sets of equipment without security patches, these devices will be faced by the attacker retrieval of data security risks from memory. CISCO recently acknowledged this fact: the Internet has an unnamed hacker group released a network attack suite, the attack suite had previously been considered only for the old impression (discontinued) affect the PIX firmware, but it has also spread to other new models. This tool called "BENINGCERTAIN", in August this year by a group called the The Shadow Brokers group leaked, the group also released dozens of attack tools, they claim that these are obtained from hackers, hacker organization equation and equation as everyone knows, NSA has indistinct relationship. BENINGCERTAIN co-founder LulzSec VPN extracted key according to the hacker group tFlow from CISCO devices (Mustafa, AL-Bassam) of the initial analysis, one can extract the virtual private network firewall based on BENINGCERTAIN using CISCO PIX (VPN key). Last week, BENINGCERTAIN is leaked after a month, CISCO announced that this tool also affects the current operation of IOS (the Internet operating system, CISCO company for the development of network equipment operation and maintenance system), IOS XE, IOS XR software equipment. In the Softpedia issued a document, there is no BENINGCERTAIN (Pix Pocket) for effective patch release. The researchers use IKE firmware to detect threatened devices at the technical level, vulnerability CVE-2016相关的主题文章: