Flaw in Cyberoam firewalls exposed corporate networks to hackers – TechCrunch

Forums Security News (Security) Flaw in Cyberoam firewalls exposed corporate networks to hackers – TechCrunch

Tagged: 

  • This topic has 1 voice and 0 replies.
Viewing 0 reply threads
  • Author
    Posts
    • November 5, 2019 at 2:28 pm #37586
      Telegram SmartBoT
      Moderator
      • Topic 5959
      • Replies 0
      • posts 5959
        @tgsmartbot

        #News(Security) [ via IoTGroup ]

        Headings…
        Flaw in Cyberoam firewalls exposed corporate networks to hackers

        Auto extracted Text……

        Sophos said it is fixing a vulnerability in its Cyberoam firewall appliances, which a security researcher says can allow an attacker to gain access to a company’s internal network without needing a password.
        The vulnerability allows an attacker to remotely gain “root” permissions on a vulnerable device, giving them the highest level of access, by sending malicious commands across the internet.
        Once a vulnerable device is accessed, an attacker can jump onto a company’s network, according to the researcher who shared their findings exclusively with TechCrunch.
        Cyberoam devices are typically used in large enterprises, sitting on the edge of a network and acting as a gateway to allow employees in while keeping hackers out.
        These devices filter out bad traffic, and prevent denial-of-service attacks and other network-based attacks.
        They also include virtual private networking (VPN), allowing remote employees to log on to their company’s network when they are not in the office.
        It’s a similar vulnerability to recently disclosed flaws in corporate VPN providers, notably Palo Alto Networks, Pulse Secure and Fortinet, which allowed attackers to gain access to a corporate network without needing a user’s password.
        Many large tech companies, including Twitter and Uber, were affected by the vulnerable technology, prompting Homeland Security to issue an advisory to warn of the risks.
        Sophos, which bought Cyberoam in 2014, issued a short advisory this week, noting that the company rolled out fixes on September 30.
        The researcher, who asked to remain anonymous, said an attacker would only need an IP address of a vulnerable device.
        Getting vulnerable devices was easy, they said, by using search engines like Shodan, which lists around 96,000 devices accessible to the internet.
        A Sophos spokesperson disputed the number of devices affected, but would not provide a clearer figure

        Read More..
        AutoTextExtraction by Working BoT using SmartNews 1.02976805238 Build 26 Aug 2019

    • Author
      Posts
    Viewing 0 reply threads
    • You must be logged in to reply to this topic.