Should You Block Connections to Your Network From Foreign Countries?

Slashdot reader b-dayyy quotes the Linux Security blog: What if you could block connections to your network in real-time from countries around the world such as Russia, China and Brazil where the majority of cyberattacks originate? What if you could redirect connections to a single network based on their origin? As you can imagine, being able to control these things would…

Google Chrome Sync Feature Can Be Abused For C&C and Data Exfiltration

Threat actors have discovered they can abuse the Google Chrome sync feature to send commands to infected browsers and steal data from infected systems, bypassing traditional firewalls and other network defenses. From a report: For non-Chrome users, Chrome sync is a feature of the Chrome web browser that stores copies of a user’s Chrome bookmarks, browsing history, passwords, and browser and…

After SolarWinds Breach, Lawmakers Ask NSA for Help in Cracking Juniper Cold Case

As the U.S. investigation into the SolarWinds hacking campaign grinds on, lawmakers are demanding answers from the National Security Agency about another troubling supply chain breach that was disclosed five years ago. From a report: A group of lawmakers led by Sen. Ron Wyden, D-Ore., are asking the NSA what steps it took to secure defense networks following a years-old breach…

How DNSpooq Attacks Could Poison DNS Cache Records

Earlier this week security experts disclosed details on seven vulnerabilities impacting Dnsmasq, “a popular DNS software package that is commonly deployed in networking equipment, such as routers and access points,” reports ZDNet. “The vulnerabilities tracked as DNSpooq, impact Dnsmasq, a DNS forwarding client for *NIX-based operating systems.” Slashdot reader Joe2020 shared Help Net Security’s quote from Shlomi Oberman, CEO and researcher…

Citing ‘Censorship’ Concerns, North Idaho ISP Blocks Facebook and Twitter

jasonbuechler writes: A North Idaho internet provider, Your T1 WIFI, emailed customers to say customers would need to opt in to access Facebook and Twitter from its service. They wisely seem to have changed their mind on that after it started garnering attention on social media. The ISP says it decided to restrict service this way after receiving numerous calls from customers…

Backdoor Account Discovered in More Than 100,000 Zyxel Firewalls, VPN Gateways

More than 100,000 Zyxel firewalls, VPN gateways, and access point controllers contain a hardcoded admin-level backdoor account that can grant attackers root access to devices via either the SSH interface or the web administration panel. From a report: The backdoor account, discovered by a team of Dutch security researchers from Eye Control, is considered as bad as it gets in terms…

Apple Lets Some Network Traffic Bypass Firewalls on MacOS Big Sur

“Security researchers are blasting Apple for a feature in the latest Big Sur release of macOS that allows some Apple apps to bypass content filters and VPNs…” reports Threatpost. “While users assumed Apple would fix the flaw before the OS emerged from beta into full release, this doesn’t appear to have happened.” “Beginning with macOS Catalina released last year, Apple added…

HP Replaces ‘Free Ink for Life’ Plan With ‘99 Cents a Month Or Your Printer Stops Working’

In a new essay at EFF.org, Cory Doctorow re-visits HP’s anti-consumer “security updates” that disabled third-party ink cartridges (while missing real vulnerabilities that could actually bypass network firewalls). Doctorow writes that it was just the beginning: HP’s latest gambit challenges the basis of private property itself: a bold scheme! With the HP Instant Ink program, printer owners no longer own their…

A New Botnet Is Covertly Targeting Millions of Servers

An anonymous reader quotes a report from Wired: FritzFrog has been used to try and infiltrate government agencies, banks, telecom companies, and universities across the US and Europe. Researchers have found what they believe is a previously undiscovered botnet that uses unusually advanced measures to covertly target millions of servers around the world. The botnet uses proprietary software written from scratch…

Researcher Discovers New ‘HTTP Request Smuggling Attack’ Variants

Some scary new variants of “HTTP request smuggling” have been discovered by Amit Klein, VP of security research at SafeBreach, reports Security Week:
Specifically, an HTTP request smuggling attack, which can be launched remotely over the internet, can allow a hacker to bypass security controls, gain access to sensitive data, and compromise other users of the targeted app. While the attack method…