The Shadow Brokers continue to make a name for themselves. Although their Bitcoin auction is not seeing much success, the group recently leaked some Cisco firewall exploits. After those security holes had been fixed, the exploits were quickly upgraded to attack more recent versions of ASA. It looks like this group means serious business after all.
Cisco Software Remains Vulnerable To Attack
So far, a lot of people strongly feel The Shadow Brokers cannot back up their claims of having obtained NSA hacking tools. The group has taken these comments to heart and slowly started unloading some of their gathered exploits. Mainly Cisco firewalls are vulnerable to different types of attack; the group has many tricks up their sleeve to bypass security.
Not too long ago, several exploits were released in the wild, all of which could bypass enterprise-grade Cisco firewalls. But that was only the first small step on a very long road, by the look of things. The Shadow Brokers upgraded these tools to attack current versions of ASA. Although the exploits are “old” in terms of attack vector, they are still a security concern.
But there is more, as this package of exploits contains other material as well. Various types of attacks against different types of firewall have been made publicly available. Among the targets are Juniper, Topsec, Fortinet, and WatchGuard firewalls. All of these exploits can be modified to attack both older and more recent versions of these security tools.
Balint Varga-Perke, security researcher, stated the following:
“Many say that the risk of this attack is limited because the vulnerable interfaces should only be accessible from the management zone of a network. But in many times this is not the case and we also have to think about attackers already inside a network. Since we are talking about embedded systems, upgrading can also be non-trivial and there are no good tools available to detect a firewall compromise. This creates an optimal opportunity for persistence.”
While none of these exploits are on the same level of what The Shadow Brokers claim to have obtained from the NSA, the collective is not just selling vaporware either. These leaked exploits may force security experts to take the group’s claims a bit more seriously. This story will undoubtedly unfold further over the coming weeks.
Image credit 1
If you liked this article follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin and altcoin price analysis and the latest cryptocurrency news.