Here's how hackers are targeting Cisco Network Switches in Russia and Iran

Since last week, a new hacking group, calling itself 'JHT,' hijacked a significant number of Cisco devices belonging to organizations in Russia and Iran, and left a message that reads—"Do not mess with our elections" with an American flag in ASCII art. MJ Azari Jahromi, Iranian Communication and...

Cisco Smart Install Protocol Misuse

SIET Smart Install Exploitation Tool Cisco Smart Install is a plug-and-play configuration and image-management feature that provides zero-touch deployment for new switches. You can ship a switch to a location, place it in the network and power it on with no configuration required on the device. Y...

Identify Cisco Smart Install endpoints

This module attempts to connect to the specified Cisco Smart Install port and determines if it speaks the Smart Install Protocol. Exposure of SMI to untrusted networks can allow complete compromise of the switch. This module requires Metasploit: https://metasploit.com/download Current source:...

Cisco IOS XE Smart Install Protocol Misuse (cisco-sr-20170214-smi)

The remote Cisco IOS XE device has the Smart Install Feature enabled. The Smart Install SMI protocol does not require authentication by design. The absence of an authorization or authentication mechanism in the SMI protocol between the integrated branch clients IBC and the director can allow a...

Cisco Smart Install (SMI) Protocol Misuse (cisco-sa-20170214-smi) - Unreliable Check

Cisco is aware of a significant increase in Internet scans attempting to detect devices where, after completing setup, the Smart Install feature remains enabled and without proper security controls. This could leave the involved devices susceptible to misuse of the feature. Customers who have not...