This story was printed from silicon.com, located at http://www.silicon.com/
Story URL: http://software.silicon.com/security/0,39024655,39150991,00.htm Cisco.com website breached - customers warned By Dan Ilett Published: Wednesday 03 August 2005 Cisco's web portal has been compromised, although the cause of the incident is unknown. Cisco customers today received emails from the networking equipment company advising them of a security breach. And the company admitted the Cisco.com web portal has been compromised and that customers need to change their passwords. Cisco said: "It has been brought to our attention that there is an issue in a Cisco.com search tool that could expose passwords for registered users. "As a result, to protect our registered Cisco.com users, we're taking the proactive step of resetting Cisco.com passwords. Needless to say we're investigating the incident which does not appear to be due to a weakness in our security products and technologies or with our network infrastructure." The company also stressed on its website that the incident appears unrelated to flaws in Cisco products. Security experts, however, are unsure as hackers around the world have been racing to find a vulnerability in Cisco equipment since it was described by security researcher Michael Lynn at the Black Hat conference last week. Cisco and Lynn's former employer, Internet Security Systems, have taken legal action against the researcher following the presentation. One industry source said: "I think this has the possibility of having a significant impact on corporations and the intellectual property of Cisco." But others disagree. Michael Maddison, director of enterprise risk services for Deloitte, said: "I think it's more likely to be a vulnerability in web applications than Cisco equipment. That's my opinion - we see vulnerabilities in web pages all the time." You are a subscribed member of the infowarrior list. Visit www.infowarrior.org for list information or to unsubscribe. This message may be redistributed freely in its entirety. Any and all copyrights appearing in list messages are maintained by their respective owners.
