Backdoor Implant on Hacked Cisco Devices Modified to Evade Detection

The backdoor implanted on Cisco devices by exploiting a pair of zero-day flaws in IOS XE software has been modified by the threat actor so as to escape visibility via previous fingerprinting methods.
"Investigated network traffic to a compromised device has shown that the threat actor has upgraded the implant to do an extra header check," NCC Group's Fox-IT team said. "Thus, for a lot of devices

actor backdoor cisco compromised detection device devices escape evade exploiting fingerprinting flaws hacked implant ios ios xe network network traffic software threat threat actor traffic visibility zero-day zero-day flaws