
Security

Vulnerability found in the line of Cisco firewalls


A vulnerability in Cisco security appliances posed a threat to the business processes of large companies.

Positive Technologies expert Nikita Abramov discovered a vulnerability in the Cisco ASA (Adaptive Security Appliance) and Cisco FTD (Firepower Threat Defense) lines of firewalls that can lead to denial of service. The vulnerability, CVE-2021-34704, is rated high severity (8.6 on the CVSS 3.0 scale), and users are encouraged to install the updates as soon as possible.

According to a Forrester Research report, Cisco is recognized as the market leader in enterprise firewalls. According to Cisco, more than one million of its security devices are in use worldwide.

“The disruption of the Cisco ASA and Cisco FTD primarily deprives the company of its firewall and remote access (VPN) capabilities. If the attack is successful, remote employees or partners will not be able to get into the internal network of the organization, access from the outside will be limited. At the same time, the inoperability of the ITU will reduce the security of the company. All this together can negatively affect the company’s processes, up to the disruption of connectivity between divisions, and make it vulnerable to targeted attacks,” notes Nikita Abramov.

According to the expert, an attacker does not need elevated privileges or special access to successfully exploit the vulnerability. It is enough to send a simple request in which one of the parts differs in size from what the device expects. When the request is parsed further, a buffer overflow occurs, and the system shuts down abnormally and then reboots.

To eliminate the vulnerability, follow the manufacturer’s recommendations specified in its notification.

Previously, Positive Technologies specialists discovered a vulnerability in the Cisco Firepower Device Manager (FDM) On-Box software, as well as extremely dangerous problems in Cisco ASA, such as CVE-2020-3187, CVE-2020-3259 and CVE-2020-3452.

MaxPatrol VM, a new-generation vulnerability management system, will help ensure continuous monitoring of vulnerabilities within the infrastructure. In-depth network traffic analysis (NTA / NDR) systems, in particular PT Network Attack Discovery (PT NAD) … In the event of a successful attack, one of the ways to identify signs of penetration is to use SIEM-class systems (for example, MaxPatrol SIEM), which can detect suspicious behavior and promptly stop the movement of intruders inside the corporate network.


Security

Cryptocurrency exchange Binance was robbed of $570 million. Hacker withdrew BNB tokens


Cryptocurrency exchange Binance has suffered another hacker attack. The attackers managed to withdraw BNB tokens worth about $570 million.


Somewhat earlier it was reported that the attack allowed the hackers to steal about $110 million, but it has now turned out that the situation is much worse. The exchange's specialists managed to freeze part of the funds, but only about $7 million, which is clearly insignificant against the $570 million total.

The exchange revealed that a cross-chain bridge connected to its BNB chain was attacked, allowing hackers to move BNB tokens off the network. Now the network has been restored, and the clients’ funds, according to Binance, are safe.

The theft contributed to a sharp drop in the BNB rate of almost 5%, but within a few hours almost half of the drop had been recovered.


Security

Hacker who earned $27 million in cyberattacks will spend 20 years in prison and pay $21 million in fines


A Florida district court has sentenced 34-year-old IT engineer Sebastien Vachon-Desjardins to 20 years in prison for carrying out at least 90 cyberattacks.

Over several years of activity, the hacker earned about $27 million using the NetWalker ransomware. A search of Vachon-Desjardins revealed a crypto wallet containing 719 bitcoins, worth about $22 million at the time of the cybercriminal’s arrest in January 2022.

According to investigators, the 34-year-old cybercriminal acted in collusion with other hackers. Vachon-Desjardins himself played the role of the attacker: he infected the corporate networks of various companies with the malware and then demanded a ransom from them. Organizations from the USA, Canada and a number of European countries suffered from the criminal's activities.

In addition to the prison term, the court also imposed a fine of $21 million on Vachon-Desjardins. The criminal will also have to pay compensation to the companies affected by his actions. The amount of damages has not yet been established.


Components

Unique behavior of Ryzen 7000 processors. The notorious patches for the Spectre vulnerability improve the performance of new CPUs


Recently, processor vulnerabilities have been talked about much less often, and users no longer worry about performance degradation due to patches. As it turns out, Ryzen 7000 processors actually benefit from such patches!


At least this is true for Linux, since it was in this OS that the author tested the Ryzen 9 7950X and Ryzen 5 7600X. It turned out that when running out of the box, the CPUs show better performance than when booting a special version of Linux with the Spectre V2 patch deactivated.


Of course, such results do not appear everywhere, and during normal work they are unlikely to be critical. Overall, across 190 tests, the difference was only 3%.
