Thangrycat: A Deadly Cisco Vulnerability Named After an Emoji

Thangrycat is a newly disclosed vulnerability in Cisco routers that lets attackers subvert the router's trusted computing module, so that malicious software can run undetectably and is virtually impossible to eliminate once it has been installed. Thangrycat relies on attackers being able to run processes as the system's administrator, and Red Balloon, the security firm that disclosed the vulnerability, also revealed a defect that allows attackers to run code as admin. It's tempting to dismiss the attack on the trusted computing module as a ho-hum flourish: after all, once an attacker has root on your system, all bets are off. But the promise of trusted computing is that computers will be able to detect and undo this kind of compromise, by using a separate, isolated computer to investigate and report on the state of the main system (Huang and Snowden call this an introspection engine).
