Hackers Use Flaw in Cisco Switches to Attack Critical Infrastructure

CERT-LatestNews ThreatsCybercrime
According to the blog post by Nick Biasini, a threat researcher at Cisco Talos, the Smart Install protocol can be misused to “modify the TFTP server setting exfiltrate configuration files via TFTP, modify the configuration file, replaces the IOS image, and set up accounts, allowing for the execution of IOS commands.