Vendor Vulnerabilities: Is NSA Obligated to Let them Know?

Cisco’s Cloud Service Platform customers received word of exposures that could severely risk their data’s privacy. In September 2016, Cisco informed their virtual networking clients of the discovery that more than 840,000 devices are open to two serious vulnerabilities. Fortinet customers’ data were also exposed in the theft. These exploits can lead to man in the middle attacks around the globe.

Shadow Brokers 

A group identifying itself as Shadow Brokers allegedly stole exploits from Equation Group, linked to the National Security Agency three years ago. Using a Twitter account, Shadow Brokers recently announced an auction for firewall exploits they claim they found with a hacking tool used by the NSA. The group demanded Bitcoins in exchange for data with codenames such as EPICBANANA, EGREGIOUSBLUNDER, AND EXTRABACON.

EXTRABACON

One of the exploits that targets Cisco ASA, Cisco Firewall Services [...]

Share