More than 300 models of Cisco Systems (CSCO - Get Report) switches contain a critical vulnerability, the company warned users in a March 17 advisory. The weakness has made it possible for the CIA to send malicious code that takes control of devices.
The San Jose, Calif.-based company, which is among the world leaders in providing cybersecurity services, said that there is no fix. The advisory comes at sensitive and seemingly transformative time in the cybersecurity industry. Multiple hacks involving last year's presidential election and national security agencies have highlighted the vulnerability of systems that once seemed impregnable. The hacks underscored the importance of cybersecurity. Tech and cybersecurity stocks have been on an upswing for the past year.
In Tuesday trading Cisco Systems' shares fell 1.17%. Cisco is the first major tech firm to acknowledge a vulnerability connected with Vault 7 documents, which Wikileaks made public two weeks ago and shed some light on CIA spying activities.
The flaw came to light as Cisco Systems analyzed secret documents that WikiLeaks published earlier this month and were reportedly stolen from the CIA. It is embedded in the Cisco Cluster Management Protocol, which uses Telnet as a signaling and command protocol.
In the advisory, Cisco said that the problem occurred because the Protocol doesn't restrict CMP-specific Telnet options "only to internal, local communications between cluster members and instead accept and process such options over any Telnet connection to an affected device," and also because of "incorrect processing of malformed CMP-specific Telnet options."
The advisory added: "An attacker could exploit this vulnerability by sending malformed CMP-specific telnet options while establishing a telnet session with an affected Cisco device configured to accept telnet connections. An exploit could allow an attacker to execute arbitrary code and obtain full control of the device or cause a reload of the affected device."
The weakness mostly impacts Cisco Catalyst switches but also affects Industrial Ethernet switches and embedded devices. The company listed the switches subject to the vulnerability.
Disabling telnet can prevent the threat. Cisco included a link in the advisory with directions for doing that.
Cisco plans to provide a more substantial fix to the problem but didn't say when.
College basketball fans who want an experience that at least approximates being in the arena will have the ability to watch six games in virtual reality (VR) from this year's national championship tournament, including the semifinals and finals.
That's via a new NCAA March Madness Live VR App, which viewers can access at the Oculus store. The app currently works with Gear VR devices.
Oculus is a dvision of Facebook. Gear VR headsets are a Samsung product that was introduced in 2015.
Facebook is also a holding in Jim Cramer's Action Alerts PLUS Charitable Trust Portfolio.
The program reflects the growing presence of VR -- a result of consumers' increasing demand for more intense viewing experiences. Over the past 18 months, a flurry of game designers, entertainment and sports-related companies have launched VR initiatives.
The March Madness app will offer two tiers of coverage. The gold tier costs $2.99 per game or $7.99 for the six games. It will provide multiple camera angles and commentary from three analysts focused on fans watching the VR production. A silver tier will cost $1.99 but provide only one camera angle. It will use game commentary from a CBS broadcast. CBS is the main television network covering the NCAA tournament.
Charging for the VR service differs from other networks, which have asked only that users verify their cable account information.
The games won't be available in Oculus Rift, Facebook's VR headset, or Vive, which was developed by HTC and Valve. Those two devices have significantly fewer users than Gear.
Intel is powering the technology and is part of a partnership with the NCAA, CBS Sports and Turner Sports that is behind the VR initiative.
Much of the African continent continues to struggle to provide health care services. Part of the problem stems from an inability of health care providers to connect with the people they could help. That problem is particularly acute in rural areas where wifi and modern communication channels are not a guarantee.
Enterstartup Kangpe Health. The Y Combinator startup enables African consumers to connect remotely with health care providers via their mobile devices. The consumers use the company's app to type questions to medical staff, who for a fee, will respond in under 10 minutes or refer them to a medical professional who can provide a more detailed diagnosis.
The app is available in Kenya, Nigeria, Ghana and Rwanda, covering areas with close to a quarter of billion people. Co-founder Femi Kuti said the service has more than 60,000 registered users. The app provides unlimited access to more than 750 doctors.
Kuti, a doctor, founded Kangpe with Matthew Mayaki and Ope Olumeken, after noticing how often friends and patients texted him about their health issues. He saw potential for a for-profit venture.
The company faces competition from MedAfrica in Kenya, Matibabu in Uganda and Hello Doctor, which serves 10 African countries. But Africa's geographic size and growing population suggests strongly that there is room for multiple providers.
The company has already forged a partnership with Facebook's Free Basics program, which provides news, information related to such areas as health care, employment and travel.
Kuti says his company is providing an indispensable service and is eager to expand the company.
"We have a very simple vision at Kangpe, to be the top of mind provider of healthcare access across Africa in a fast and simple way," he wrote in a blog post on the website Startup Stories, which features startup and early-stage companies in Lagos, Nigeria. "What this means is that, whenever an African, anywhere and at any time, has a health problem, issue or question, we want to be the first place they visit for a solution because they know they will receive a solution they can trust and in a timely manner as well.