Cisco Exploit Leaked in NSA Hack Modifies to Target Latest Version of Firewalls

NSA-Exploits-Cisco-extrabacon-modifiedRecently released NSA exploit from “The Shadow Brokers” leak that affects older versions of Cisco System firewalls can work against newer models as well. Dubbed ExtraBacon, the exploit was restricted to versions 8.4.(4) and earlier versions of Cisco’s Adaptive Security Appliance (ASA) – a line of firewalls designed to protect corporate, government networks and data centers. However, the exploit has now been expanded to 9.2.(4) after researchers from Hungary-based security consultancy SilentSignal  were able to modify the code of ExtraBacon to make it work on a much newer version of Cisco’s ASA software. Both Cisco and Fortinet have confirmed their firewalls are affected by exploits listed in the Shadow Brokers cache that contained a set of “cyber weapons” stolen from the Equation Group.

Read more at
http://thehackernews.com/2016/08/cisco-firewall-hack.html