In this Risk & Repeat podcast, SearchSecurity editors discuss the latest Symantec vulnerabilities reported by Google Project Zero and the Shadow Brokers' Cisco exploit.
A new round of Symantec vulnerabilities and another Cisco exploit have enterprises scrambling to fill potential security holes in their IT environments.
Google Project Zero last week disclosed more Symantec vulnerabilities tied to a file parser in the vendor's antivirus engine; Symantec had already addressed and patched the flaws. While the vendor categorized the flaws as medium severity, Project Zero information security engineer Tavis Ormandy, who reported the flaws, argued that the vulnerabilities were more serious and allowed for remote code execution.
Ormandy said that Symantec was using an outdated version of the unrar-based unpacker, which was already vulnerable to other publicly disclosed flaws. This marks the third vulnerability report from Project Zero this year on major software flaws within Symantec's antivirus software.
Cisco also had to contend with a serious security flaw in its product line, which was disclosed courtesy of the Shadow Brokers' data dump. The Cisco exploit, based on the Equation Group's BENIGNCERTAIN hacking tool, affects the networking giant's legacy PIX firewall line, as well as certain versions of Cisco's IOS XE and IOS XR software. The Cisco exploit relates to issues with the company's implementation of the Internet Key Exchange protocol. Cisco has not released a patch for the flaw, but the company provided several steps to mitigate it.
Why did these security flaws elude Symantec and Cisco? What can enterprises do to address these issues? And how many more of these vulnerabilities will drop in the coming months?
In this episode of SearchSecurity's Risk & Repeat podcast, editors Rob Wright and Peter Loshin discuss those questions and more on the topic of Symantec and Cisco. They also tackle the potent DDoS attacks unleashed against several targets last week, including infosec journalist Brian Krebs, and what these new attacks mean for the IT industry.