Security News
An Indian national who moved to California on an H1-B work visa was sentenced to 24 months in prison last week for accessing and damaging Cisco's network. Ramesh is a former Cisco employee, who resigned in April 2018.
A former Cisco employee who went medieval on his former employer and cost the company millions, has been sentenced to two years in prison and a $15,000 fine. Five months later he used access credentials to get back into Cisco's systems and deleted virtual machines on Webex - borking more than 16,000 WebEx Teams accounts for two weeks in some cases and costing Cisco $2.4m in refunds and repair work.
Sudhish Kasaba Ramesh, a former Cisco engineer, was sentenced on Wednesday to two years in prison and ordered to pay a $15,000 fine for shutting down more than 16,000 WebEx Teams accounts and over 450 virtual machines in 2018,. "[D]uring his unauthorized access he deployed a code from his Google Cloud Project account that resulted in the deletion of 456 virtual machines for Cisco's WebEx Teams application, which provides video meetings, video messaging, file sharing, and other collaboration tools," a Department of Justice press release says.
Sudhish Kasaba Ramesh, a former Cisco engineer, was sentenced on Wednesday to two years in prison and ordered to pay a $15,000 fine for shutting down more than 16,000 WebEx Teams accounts and over 450 virtual machines in 2018,. "[D]uring his unauthorized access he deployed a code from his Google Cloud Project account that resulted in the deletion of 456 virtual machines for Cisco's WebEx Teams application, which provides video meetings, video messaging, file sharing, and other collaboration tools," a Department of Justice press release says.
Join Webex meetings without appearing in the participant list. "These flaws affect both scheduled meetings with unique meeting URLs and Webex Personal Rooms. Personal rooms may be easier to exploit because they are often based on a predictable combination of the room owner's name and organization name. These technical vulnerabilities could be further exploited with a combination of social engineering, open source intelligence and cognitive overloading techniques."
Identified by IBM's security researchers, the Webex flaws could allow attackers to join meetings as ghosts, remain in the meeting as a ghost after being expelled, and access information on meeting attendees. Tracked as CVE-2020-3419, the first of the issues impacts both Webex Meetings and Webex Meetings Server and is the result of "Improper handling of authentication tokens by a vulnerable Webex site."
Once they have meeting access, an attacker could exploit the flaw by sending crafted requests to a vulnerable Cisco Webex Meetings or Cisco Webex Meetings Server site. It affected all Cisco Webex Meetings sites prior to November 17, 2020; and all Cisco Webex Meetings apps releases 40.10.9 and earlier for iOS and Android.
Three flaws found in Cisco's Webex platform could have allowed people to secretly "Ghost" meetings without being seen. For customers who run an on premises version of Webex software, the company has issued patches for Webex Meetings Server.
Cisco has fixed today three Webex Meetings security vulnerabilities that would have allowed unauthenticated remote attackers to join ongoing meetings as ghost participants. The three bugs also enabled attackers to remain in the Webex meeting and maintain a bidirectional audio connection even after admins would remove them and access Webex users' information like email addresses and IP addresses from the meeting room lobby.
Cisco has issued patches for high-severity vulnerabilities plaguing its popular Webex video-conferencing system, its video surveillance IP cameras and its Identity Services Engine network administration product. Overall, Cisco on Wednesday issued the three high-severity flaws along with 11 medium-severity vulnerabilities.