Moscow exploiting seven-year-old Cisco flaw, says FBI | Computer Weekly


Threat actors linked to the Russian government are falling back on a seven-year-old vulnerability in Cisco equipment that was first uncovered in 2018, according to a new warning from the FBI.

The flaw in question, tracked as CVE-2018-0171, exists in the Smart Install (SMI) feature of Cisco’s Internetwork Operating System (IOS) and IOS XE. It arises through the improper validation of packet data and is exploited by sending a specially-crafted Smart Install message to a vulnerable device on TCP port 4786.

If left unpatched, it enables an unauthenticated, remote attacker to achieve a denial of service (DoS) condition, or to conduct remote code execution (RCE).
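An added example, not from the article, Cisco or the FBI: a check a defender can run over their own device inventory to find hosts where the Smart Install port named above, TCP 4786, accepts connections. The inventory format (one host per line on stdin) and the function names are assumptions; a reachable port shows exposure only and says nothing about patch level.

```python
import socket
import sys
from concurrent.futures import ThreadPoolExecutor

SMI_PORT = 4786  # Smart Install TCP port named in the article


def probe(host, port=SMI_PORT, timeout=2.0):
    """Classify one TCP connect attempt; no Smart Install data is sent."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"          # handshake completed: service is reachable
    except ConnectionRefusedError:
        return "closed"            # host answered with a reset: nothing listening
    except (socket.timeout, TimeoutError):
        return "filtered"          # no answer: likely dropped by an ACL or firewall
    except OSError:
        return "unreachable"       # routing or name-resolution failure


def audit(hosts, port=SMI_PORT, timeout=2.0, workers=16):
    """Probe every host in the inventory concurrently; return {host: state}."""
    hosts = list(hosts)
    with ThreadPoolExecutor(max_workers=workers) as pool:
        states = pool.map(lambda h: probe(h, port, timeout), hosts)
        return dict(zip(hosts, states))


def exposed(results):
    """Hosts that accepted the connection and need follow-up."""
    return sorted(h for h, state in results.items() if state == "open")


if __name__ == "__main__":
    # Assumed inventory format: one hostname or IP per line, '#' for comments.
    inventory = [
        line.strip() for line in sys.stdin
        if line.strip() and not line.lstrip().startswith("#")
    ]
    results = audit(inventory)
    for host in exposed(results):
        print(f"{host}: TCP {SMI_PORT} reachable; confirm patch level "
              f"for CVE-2018-0171")
    print(f"checked {len(results)} hosts, {len(exposed(results))} exposed")
```

Hosts reported as filtered still warrant a check of the device itself, since an ACL on the path does not change what the switch is running.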

In the past year, the feds said they had detected threat actors collecting configuration files for thousands of end-of-life network devices vulnerable to CVE-2018-0171, which they said are still in use at multiple critical national infrastructure (CNI) operators in the US.

“On some vulnerable devices, the actors modified configuration files to enable unauthorised access to those devices,” said the FBI in a statement.

“The actors used the unauthorised access to conduct reconnaissance in the victim networks, which revealed their interest in protocols and applications commonly associated with industrial control systems.”

Berserk Bear

The US authorities said the unit conducting the current spate of intrusions was likely Berserk Bear, aka Dragonfly, a cyber unit of Russia’s Federal Security Service, the FSB. The group is known to have targeted networking devices, particularly those that accept legacy protocols, and had previously worked on custom malware that specifically targeted Cisco products, notably a strain referred to as SYNful Knock.

Cisco Talos researchers Sara McBroom and Brandon White said that Cisco had observed Berserk Bear – Static Tundra in its parlance – acting against Cisco products since at least 2015, and urged users to patch against CVE-2018-0171 as a matter of urgency.

“Customers are strongly urged to apply the patch immediately given active and ongoing exploitation of the vulnerability…. Devices that are beyond end of life and cannot support the patch require additional security precautions as detailed in the 2018 security advisory. Unpatched devices with Smart Install enabled will continue to be vulnerable to these and other attacks unless and until customers take action,” they said.

McBroom and White also pointed out that the threat actor’s targeting extends beyond the US and North America, with primary targets including organisations in the higher education, manufacturing and telecoms sectors in Asia, Africa and Europe. Berserk Bear’s victims appear to be selected based on their strategic value to the Russian government’s geopolitical and intelligence goals, they added.

“We assess that Static Tundra’s two primary operational objectives are, one, compromising network devices to gather sensitive device configuration information that can be leveraged to support future operations, and two, establishing persistent access to network environments to support long-term espionage in alignment with Russian strategic interests.

“Because of the large global presence of Cisco network infrastructure and the potential access it affords, the group focuses heavily on the exploitation of these devices and possibly also the development of tools to interact with and persist on these devices,” warned McBroom and White.



Police do not have to explain to lawyer Fahad Ansari why they seized his phone data, says court | Computer Weekly


Police do not have to give a lawyer who was stopped, questioned and had his work mobile phone seized for forensic examination reasons for their actions, the UK’s high court has ruled.

The decision means that lawyers can be subject to counter-terrorism powers and have their privileged communications extracted and examined by the state, without having the right to know the case against them, said advocacy group Cage.

Fahad Ansari, who acts for Hamas in a legal appeal to have its proscribed status in the UK overturned, was stopped by police under Schedule 7 of the Terrorism Act while returning from holiday with his family last year.

The case is believed to be the first targeted use of Schedule 7 powers, which allow police to stop and question people and seize their electronic devices without the need for suspicion, against a practising solicitor.

The high court ruled on 4 March that police may present evidence about the reasons for stopping Ansari in a closed court in front of a special advocate without Ansari or his lawyers being present – preventing Ansari or his legal team from learning the reasons why he was stopped.

Lawyers for Ansari argued the lawyer was entitled to be given a sufficient “gist” of the police’s case against him to enable him to disprove the police’s case, even if doing so would be damaging to national security.

Privileged material

Hugh Southey KC told the court in October 2025 that Ansari’s work phone contained data going back 15 years, including privileged material relating to his clients, and that any data extracted by the police should be deleted.

Ansari, an Irish citizen, argues that he was unlawfully stopped, detained and questioned under Schedule 7 of the Terrorism Act when he disembarked from a ferry with his family at Holyhead after visiting relatives in Ireland in August 2025.

The court was told last year that the phone contains details of at least 3,000 contacts, voice notes, memos, case papers, search terms and metadata, the overwhelming proportion of which is likely to be legally protected.

Justice Chamberlain found in a judgment published today that the question was not whether any allegations made against Ansari by police in closed hearings were true, but whether police had a lawful basis for stopping and searching the lawyer at the time the search was carried out.

He found in a 15-page ruling that the use of Schedule 7 powers against Ansari to question him and seize his phone does not require any allegation to have been made against him, and that the seizure and retention of his personal information does not affect Ansari’s legal position.

The judge found that there were “substantial protections” in place to protect the integrity of legally privileged information, and that even if legally privileged material could be used against third parties, which it could not, they would enjoy the “full panoply of procedural rights”.

Ansari said he handed over the password to his phone after police warned him that to fail to do so would be an arrestable offence. He said that police also questioned him about Palestine Action, a direct action protest group that was proscribed under the Terrorism Act 2000, though Ansari has no connection with the group.

South Wales Police, which is responsible for counter-terrorism in Wales, has denied that Ansari was stopped because of his political views, and maintains that asking him questions about proscribed organisations is not unlawful.

Ansari, a registered freelance solicitor, became a consultant at Duncan Lewis Solicitors, where he specialises in national security and complex human rights cases, after training at Fisher Meredith LLP and Birnberg Peirce.

Speaking after the judgement, Ansari said he would challenge the judge’s order that the police should not disclose their reasons for stopping him in open court.

“Seven months on, I remain in the dark about why counter-terrorism police detained and interrogated me and continue to examine the contents of my work phone,” he added. “I am exploring all options to challenge this dangerous precedent.”

Commenting on the case, Anas Mustapha, head of public advocacy at Cage, said that allowing secret evidence was a “thin end of the wedge” that could undermine justice. “Once courts accept that the state can accuse someone without revealing the accusation, the foundations of justice begin to collapse,” he added.

“The legal profession now faces a serious question: whether it will continue to accommodate secret courts through mechanisms like the special advocate system, or whether it will begin the difficult work of rolling back a process that has steadily eroded open justice for more than two decades,” said Mustapha.



These $500 Windows Laptops Show That the MacBook Neo Has Serious Competition


Today, Apple announced its new budget MacBook. At $599, it looks seriously impressive. While I haven’t tested its performance, battery life, or display just yet, it may end up being hard to beat at that price based on some of the specs alone.

But that doesn’t mean the competition isn’t there. I want to recommend a couple of Windows laptop deals that offer various advantages over the MacBook Neo, showing where the Neo has both strengths and weaknesses.

First, check out this Asus Vivobook 14, a laptop I’ve been happy to recommend as a budget computer for the past year. In many ways, this is the Windows version of a laptop like the MacBook Neo. It uses a highly-efficient ARM chip, the Qualcomm Snapdragon X, meaning it gets great battery life and performs admirably in daily tasks. It’s not quite as thin or light as the MacBook Neo, but it’s fairly portable for a laptop at this price.

Asus

Vivobook 14 (X1407QA)

Unlike the MacBook Neo, the Vivobook 14 comes with 16 GB of RAM and 512 GB of storage. That’s twice what you get in the MacBook Neo’s starting configuration. Right now, this configuration of the Vivobook 14 is on sale for $539. That’s a killer deal for those specs. It even comes with a healthier mix of ports, including HDMI, two USB-A, one USB-C, and a headphone jack. That also means it can support two external displays, unlike the MacBook Neo, which can handle only one.

Don’t get me wrong—I’m not at all saying the Vivobook 14 is a slam dunk over the MacBook Neo. Based on specs alone, I know the Vivobook 14 is a serious step down when it comes to the display. It’s less sharp, stretched across a larger screen, and the color performance isn’t so good. The Vivobook 14 maxes out at 280 nits, whereas Apple says the MacBook Neo can go all the way up to 500 nits. I have a hunch that the MacBook Neo will deliver a much better display in just about every regard.

There’s also the touchpad. It’s a little clunky to use, which is typical of budget Windows laptops. This is just a guess—but the touchpad on the MacBook Neo will likely feel smoother. It’s a mechanical trackpad (unlike the MacBook Air’s haptic feedback trackpad), but Apple has almost never made a bad trackpad.

If you’re not convinced by the Asus Vivobook 14, I’d also recommend the HP OmniBook 5, which is currently on sale for $500 and uses the same Snapdragon X chip. While it only has 256 GB of storage, it has a much better screen than the Vivobook 14, using an OLED display. It’s not any brighter than the Vivobook 14, but it gives you far better color performance and contrast. It’s also just 0.50 inches thick, matching the MacBook Neo exactly in portability.



Don’t Buy Some Random USB Hub off Amazon. Here Are 5 We’ve Tested and Approved


Other Good USB Hubs to Consider

Ugreen Revodok Pro 211 Docking Station for $64: Most laptop docking stations are bulky gadgets that often require a power source, but this one from Ugreen straddles the line between dock and hub. It has a small, braided cable running to a relatively large aluminum block. It’s a bit hefty but still compact, and it packs a lot of extra power. It has three USB ports (one USB-C and two USB-A) that each reached up to 900 MB/s of data-transfer speeds in my testing. That was enough to move large amounts of 4K video footage in minutes. The only problem is that using dual monitors on a Mac is limited to only mirroring.

Hyper HyperDrive Next Dual 4K Video Dock for $150: This one also straddles the line between dock and USB hub. Many mobile docks lack proper Mac support, only allowing for mirroring instead of full extension. The HyperDrive Next Dual 4K fixes that problem, though, making it a great option for MacBooks (though it won’t magically give an old MacBook Air dual-monitor support). Unfortunately, you’ll be paying handsomely for that capability, as this one is more expensive than the other options. The other problem is that although this dock has two HDMI ports that can support 4K, only one will be at 60 Hz and the other will be stuck at 30 Hz. So, if you plan to use it with multiple displays, you’ll need to drop the resolution to 1440p or 1080p on one of them. I also tested this Targus model, which is made by the same company, which gets you two 4K displays at 60 Hz but not on Mac.

Anker USB-C Hub 5-in-1 for $20: This Anker USB hub is the one I carry in my camera bag everywhere. It plugs into the USB-C port on your laptop and provides every connection you’d need to offload photos or videos from camera gear. In our testing, the USB 3.0 ports reached transfer speeds over 400 MB/s, which isn’t quite as fast as some USB hubs on this list, but it’s solid for a sub-$50 device. Similarly, the SD card reader reached speeds of 80 MB/s for reading and writing, which isn’t the fastest SD cards can get, but adequate for moving files back and forth.—Eric Ravenscraft

Kensington Triple Video Mobile Dock for $83: Another mobile dock meant to provide additional external support, this one from Kensington can technically power up to three 1080p displays at 60 Hz using the two HDMI ports and one DisplayPort. It’s a lot of ports in a relatively small package, though the basic plastic case isn’t exactly inspiring.

