Cisco is offering a free iPhone app that will allow people to get customized alerts on new security threats and other information for safe Web browsing.
The app, which will be available on Friday in the Apple iTunes store, provides information about new malware signatures, bulletins for how to mitigate against threats, ways to see if particular Web sites are compromised, as well as links to podcasts and videos.
The Cisco SIO To Go iPhone app gets its information from the company's Security Intelligence Operations (SIO) system which gathers information in real time from 700,000 sensors located at customer sites, ISPs, and other sites around the world. The data from the disparate sources allows Cisco engineers to do threat correlation to detect Internet attacks and spam campaigns.
The app is designed for professionals and security geeks, not the average consumer, said Michael Weir, Cisco security marketing director.
"I can make it applicable to my needs and the security needs of my [enterprise] network," he said.
The Cisco SIO To Go iPhone app offers information about the safety of particular Web sites.
(Credit: Cisco)Cisco Systems wireless local area network equipment used by many corporations around the world is at risk of being used in denial-of-service attacks and data theft, according to a company that offers protection for WLANs.
Researchers at AirMagnet, which makes intrusion-detection systems for WLANs, discovered the vulnerability, which affects all lightweight Cisco wireless access points, as well as the exploit that could be used against networks that have the Over-the-Air-Provisioning (OTAP) feature turned on.
"We found it in our labs," Wade Williamson, director of product management at AirMagnet, said on Monday. "We don't know about it being exploited in the wild."
Basically, the Cisco access points generate an unencrypted multicast data frame that is sent over the air and includes unencrypted data like the MAC address and the IP address of the wireless controller, as well as some configuration options, he said. The controller is used to manage the access points.
With that information, someone listening to the network could easily find the internal addresses of the WLAN controllers in the network and potentially target them with a denial-of-service attack, Williamson said.
"Someone out in the parking lot or a neighbor can look at the packets and see information about the controller on the wired side," he said. "This is giving anybody that's listening to the environment some pretty detailed information about the wired network that we want to keep protected."
If an access point has the OTAP enabled, the wireless LAN is also at risk of a "skyjack" exploit, Williamson said. With the OTAP feature enabled, a newly deployed Cisco access point will listen to the multicast data being broadcast to find the address of its nearest controller.
However, the access point could end up connecting to an outside controller if it hears multicast data from that network instead, and thus it would be under someone else's control, he said.
Someone could skyjack a corporation's access point and "use the wireless LAN to create a wired path into your network," Williamson said.
AirMagnet has informed Cisco about the problems and Cisco is working on a solution, Williamson said.
"As a matter of policy, Cisco takes security vulnerabilities very seriously and we continue to take active measures to safeguard the security and reliability of our equipment," a Cisco spokesperson said.
"Our standard practice is to issue public Security Advisories or other appropriate communications that include corrective measures so customers can address any issues," he said. "For that reason we do not provide comment on specific vulnerabilities until they have been publicly reported, consistent with our well-established disclosure process."
Cisco has 65 percent to 70 percent of the install base for wireless LANs, according to Stan Schatt, security practice director at ABI Research.
"What this really shows is that more and more companies have to have 7/24 monitoring of their LANs," he said. "They can't just periodically walk around the facility with a laptop and check to see if there's a problem."
An attack on a wireless LAN would be particularly dangerous for hospitals, which are increasingly moving critical apps onto the network for use by doctors and nurses with Wi-Fi-enabled handhelds, Schatt said. "A denial-of-service attack could impact mission critical phone systems," he said.
To mitigate against any attacks, Cisco customers should disable the OTAP feature and use a separate intrusion detection system that can detect whether someone is snooping on the network, as well as monitor that all access points on a network are authorized, AirMagnet said.
Updated 11:02 a.m. PDT August 25: Cisco released an alert on Tuesday that describes the finding as a low-risk vulnerability that could allow unauthorized control of a wireless access point and which could allow an unauthenticated, remote attacker to cause a denial of service condition.
"Any clients attempting to register to the AP (access point) will be unable to access network resources, but the AP is still unable to authenticate wireless clients," the company said in a statement. "There is no risk of data loss or interception. Cisco believes the vulnerability is easily avoided or mitigated and has provided techniques for this purpose."
Software updates and patches were not yet available, Cisco said.
Cyber scammers are banking on the notion that many people who might not fall for a phishing scam via e-mail may still be easy targets through their mobile phone, according to security report released Tuesday from Cisco Systems.
Text message scams are on the rise, particularly fake messages that appear to come from a legitimate bank, said the report, which covers a wide variety of cybercrime topics.
In many of the scams, the SMS messages direct the recipient to call a telephone number where an automated message prompts the caller to provide log-in ID or account number and PIN. Other messages provide a URL that leads to a phishing site looks like a legitimate site.
Specific scams have targeted cell phone users in Fargo, N.D., along with customers of First Community Credit Union and Buffalo Metropolitan Federal Credit Union in New York and of BCT Federal Credit Union in New York and Pennsylvania, the report said.
"People are giving up information through the voice channel in a way they never would do through e-mail or the Web," said Patrick Peterson, Cisco's chief security researcher.
Meanwhile, cybercriminals are continuing to get more sophisticated and borrowing from real-world business models. For instance, researchers have come across a service called VirTest that will test malware and viruses against products from the major antivirus vendors for a fee, Peterson said.
- prev
- 1
- next
