Wednesday, August 24, 2016

Extra bacony goodness - What I am reading 8/24/2016

Ars Technica - NSA-linked Cisco exploit poses bigger threat than previously thought -

An exploit dubbed ExtraBacon contains code that prevents it from working on newer versions of Cisco Adaptive Security Appliance (ASA), a line of firewalls that's widely used by corporations, government agencies, and other large organizations. When the exploit encounters 8.4(5) or newer versions of ASA, it returns an error message that prevents it from working. Now researchers say that with a nominal amount of work, they were able to modify ExtraBacon to make it work on a much newer version. While Cisco has said all versions of ASA are affected by the underlying vulnerability in the Simple Network Messaging Protocol, the finding means that ExtraBacon poses a bigger threat than many security experts may have believed.

Since I didn't really cover this when it was first reported here is a link to a good explanation of the EXTRABACON attack.  The fastest fix I see is to change your SNMP string names.  That isn't perfect of course but it will work until the underlying problem is fixed.

The Verge - Climate Hackers: One man’s plan to stop global warming by shooting particles into the atmosphere -

I have said for years that the solution to global warming was to set off a couple nukes, and to think my friends were castigating me the other day for saying that I missed the cold war and the always imminent threat of nuclear war.

I know, another short one but I am trying to get this back on track - what a minute why am I apologizing?  I have no readers so I could literally type nonsense and it would have the same effect.

Yes, I know most of what I type is nonsense anyway but I mean it in the hjsaklhfjklsafhjaksdfhjkdsf sense.

Post a Comment

The Ultimate "Get Psyched" Playlist

I am busily loading up a playlist for DefCon so of course I had to turn to "The Ultimate Get Psyched" Playlist as published by Bar...