On September 15, Cisco and Mandiant (FireEye) published information about a new type of malware called “SYNful Knock.” This attack isn’t caused by an issue with Cisco products. It occurs when an attacker gains or steals administrative credentials or gets physical access to a networking device. They can then load a modified version of the device’s operating system software.
For some time we’ve talked about networking devices and their credentials being high-value targets for attackers, and the need to protect them accordingly. In this video, Cisco Principal Engineer, Omar Santos describes SYNful Knock and shares details that will help customers detect, remediate and prevent future attacks.
We continue to share related updates for customers on the Event Response Page at http://cs.co/6053BJ0Tx
You can watch this video also at the source.