One day after it disclosed a security vulnerability in a wireless networking product, Cisco must contend with a new threat – the long-promised release of a hacking tool that targets wireless networks running its LEAP wireless authentication protocol. The tool, called “Asleap,” allows users to scan the wireless network broadcast spectrum for networks using LEAP (Lightweight Extensible Authentication Protocol), capture wireless network traffic and crack user passwords, according to a message posted to the Bugtraq online security discussion group on Wednesday. Cisco did not immediately respond to requests for comment. The tool was designed to compromise WLANs using LEAP using so-called “dictionary attacks” to exploit weakly protected passwords, according to the message, which purports to be from Joshua Wright, a network engineer at Johnson & Wales University in Providence, R.I. Wright made headlines in August after he publicized the password vulnerability in LEAP. Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.