Apparently I'm at the far less interesting infosec convention this week (SANS DC 2005).
In a breaking news item, a security researcher for ISS has lost his job over a presentation he was scheduled to give at the Black Hat Briefings in Las Vegas this week.
The presentation was on a class hack on Cisco IOS -- which would potentially allow a wide variety of attacks on a wide variety of Cisco IOS devices.
It appears that the research "went public" because crackers in the real world were getting on to the trail of this idea, and Cisco and his employer had decided to sit on the information rather than doing anything about it. This has included ugly stuff, such as information being torn out of the Black Hat Briefings hand-out given to attendees, and Cisco threatening legal action to suppress the documentation and presentation. In an interesting note, the Washington Post may carry some of the presentation in a videocast.
This is all an initial grasp of the situation; I will update with a better analysis when I get to read more.
http://blogs.washingtonpost.com/securit
http://www.crn.com/sections/breakingnew
http://www.networkworld.com/news/2005/0
http://www.computerwire.com/industr
http://www.wired.com/news/privacy/0,184
http://netsec.blogspot.com/
July 28 2005, 13:06:26 UTC 6 years ago
July 28 2005, 13:19:21 UTC 6 years ago
Reading from a friend of a friend
Oh, sweet baby jesus. I'm sure this is going to be a great item to bring up at the nova isac. Brilliant.