Cisco has swung into action to combat a hacker group’s exploitation of vulnerabilities in its firmware. The group, known as the “Shadow Brokers,” released online malware and other exploits it claimed to have stolen from the Equation Group, which is believed to have ties to the United States National Security Agency.
Cisco earlier this month disclosed the vulnerability, along with intrusion prevention system signatures and SNORT rules, “even though the patches are still under development,” said Cisco spokesperson Yvonne Malmgren, “because we learned that there may be public awareness of the vulnerability.”
This will let customers “actively monitor and protect their networks,” she told the E-Commerce Times, and it ensures that they “have the same level of information and awareness that we do.”
Customers can check Cisco’s Events Response Page for updates about its investigation into the issue.
The vulnerability affects products running Cisco IOS XR 4.3.x to 5.2.x, as well as Cisco IOS XE 3.1S and up.
The Cisco IOS Software Checker identifies any Cisco security advisories that impact a specific IOS Software release, as well as the earliest patch for the vulnerabilities in each advisory.