| Security
News |
| |
Hack lets
intruders sneak into home routers
February 15, 2007
If you haven't changed the default password on your
home router, let this recent threat serve as a reminder.
Attackers could change the configuration of home
routers using JavaScript code, security researchers at
Indiana University and Symantec have discovered. The
researchers first published their work in December, but
Symantec publicized the findings on Thursday.
The researchers found that it is possible to change the
DNS, or Domain Name System, settings of a router if the
owner uses a connected PC to view a Web page with the
JavaScript code.
Read
full story...
|
| |
Cisco warns of more router
vulnerabilities
February 14, 2007
The intrusion prevention capabilities of Cisco Systems'
routers could be prone to attack, after the networking
giant revealed two vulnerabilities in its key operating
system.
The vulnerabilities affect those versions of Cisco's
Internetwork Operating System (IOS) that start with
"12.3" and "12.4". Almost all Cisco routers run a
version of IOS. The flaws allow a hacker to circumvent
the IPS protection built into the affected routers and
also cause routers to crash.
Read
full story...
|
| |
Cisco
firewall source code up for sale
November 2, 2004
The group of self-identified hackers has posted
files online that it claims contains source code for Pix
security firewall from Cisco Systems. The price for the
proprietary software: $24,000. "SCC is proud to announce
the general availability of Cisco Pix 6.3.1 source code.
This release is significant because Pix is vital to the
security of many ultra-secure networks," read a Google
group posting marked as a Source Code Club newsletter.
Cisco suffered an earlier leak of its source code in
May this year, when an unspecified amount of proprietary
source code that drives the company's networking hardware
appeared online.
Read
full story...
|
| |
Cisco
reveals another significant security flaw
April 21, 2004
Flaw in Cisco operating system's SNMP request
handling mechanism places corporate routers and switches
at risk of a denial-of-service (DoS) attack. The flaw
affects versions 12 through 12.3 of Cisco's Internetwork
Operating System (IOS). Please click
here for the complete article and a list of the
affected routers and switches.
Read
full story...
How Stealth Networks addresses
this issue:
Stealth Networks secure platform and gateways can be configured
to accept SNMP requests only from authorized sources.
This makes our them invulnerable to this kind of attack.
|
|
Microsoft
discloses large number of Windows vulnerabilities
April 13, 2004
In four separate security bulletins, Microsoft
announced 20 security vulnerabilities in Windows and Outlook
Express of which 8 were classified as 'critical'. 16 of
these vulnerabilities can be exploited remotely, the most
dangerous type of bug because hackers can conduct an attack
over the Internet. The most severe of these vulnerabilities
could allow an attacker to take complete control of an
system, including installing programs, deleting data,
or creating new user accounts that have full access privileges.
Read
full story...
How Stealth Networks addresses
this issue:
Stealth Networks' secure platform and gateways provide
network layer security. Though they cannot address application
vulnerabilities, their advanced IPS functionalities can
prevent hackers from exploiting these flaws at a network
level, thus isolating infected systems and containing
damage. |
|
Cisco
Wireless LAN security threat exposed
April 21, 2004
April 09, 2004 - Flaw in Cisco's wireless authentication
protocol (LEAP) compromises username and passwords and
exposes networks to offline dictionary attacks. "Customers
using LEAP should be aware that the usernames and password
of their user account are exposed, and should plan for
the deployment of alternate authentication mechanisms
such as PEAP or TTLS,".
Read
full story...
How Stealth Networks addresses
this issue:
Stealth Networks' secure platform and gateways use a much
robust authentication protocol - TLS. In addition, authentication
credentials are shielded through encryption. With AES
256 encryption and keys being rotated every 60 seconds,
the Stealth Secure VPN is the msot secure solution over
wireline or wireless networks. |
