What a joke. No wonder Pentagon and many Feds dropped Csco for Palo Alto, Fortinet, Aruba
https://www.bleepingcomputer.com/news/security/over-10-000-cisco-devices-hacked-in-ios-xe-zero-day-attacks/
What a joke. No wonder Pentagon and many Feds dropped Csco for Palo Alto, Fortinet, Aruba
https://www.bleepingcomputer.com/news/security/over-10-000-cisco-devices-hacked-in-ios-xe-zero-day-attacks/
Cisco product managers are incompetent. They've learned their success is solely due to the number of features they shove into the already over-bloated operating systems of their products.
Most have no idea how customers will deploy and use those products. Of course, it's why those customers are looking for products that are much easier to use.
didn't impact Meraki which is Cisco's future
The Tribal work culture does not care about ANY product security. Never served in any services. No sense of patriotism or duty to defend country. Here for pay and GC only, period.
If a cisco employee authored the "imagine you're so stupid" post, he/she should immediately resign.
Classic Csco mindset, blame the customer, always. No wonder company sinking, lost all respect from both SMBs and Fortune 500s.
Clearly this isn’t Cisco’s fault. Blame the customers for not having their devices secured to the public internet, lol.
10,000 will be LR'ed as a response to this security incident.
Imagine being so stupid that you use the web ui. And on top of that you leave it wide open to the Internet.
Welcome to the current millennium! IOS-XE runs on 1U switches that are available through official Cisco partners for a bit over $1,200 which means you are no longer selling exclusively to major corporations with trained network staff. I'll save the long lecture on how Cisco's monkeys inability to understand CHI, the Parser Police Guidelines and refactoring has made a mess of the shipping CLIs.
The fault with Cisco's broken code lies exclusively with Cisco. It's time to remove the management that has left a myriad of possible security holes like buffer overruns revealed by static analysis unaddressed for decades because "we can't deliver new bugs fast enough if we take time to fix the old ones!" It's also time to remove the technical staff that can't be bothered to learn about security and the issues in implementing secure systems.
Also note that almost every networking gear company is doing their best to force customers to open their buggy insecure equipment to the internet in the name of "licensing verification" where a heck of a lot more than the state of a license key is made available to external entities. A pox on the whole industry.
there was a time Cisco meant peace of mind. Gone are the days of the ASA PIX.
Cisco now just synonymous with layoffs and overpriced *tupid acquisitions.
BWAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHHAHAHAHAHAHAHAHAHAHAHHAHAHAHAHAHAHAHAH !!
The #1 company ....
Imagine being so stupid that you use the web ui. And on top of that you leave it wide open to the Internet.