TrueSec said that because there is no publicly available exploit code for the Cisco vulnerability, it means cybercriminals like those working for Akira would either need to have bought that exploit from somewhere or developed one of their own, which would require a deep understanding of the flaw.
In one recent incident, however, the TrueSec team managed to restore six months of radius authentication logs from an NPS server, the analysis of which revealed a pattern of malicious behavior that heavily hinted towards but didn't quite prove the use of an exploit.
[
add
]
[
|
|
...
]