Security News
Amazon Web Services on Tuesday announced the general availability of AWS Network Firewall, a managed security service designed to help customers protect their virtual networks. AWS Network Firewall can easily be enabled from the AWS Console for specified virtual private cloud environments, and the company says there are no extra charges for users: customers pay for the service based on hours deployed and gigabytes processed.
Amazon Web Services announced the general availability of AWS Network Firewall, a new managed security service that makes it easier for customers to enable network protections across all of their AWS workloads. AWS provides protections to help customers secure their networks, such as AWS Web Application Firewall to protect internet-facing web applications, AWS Shield to safeguard against Distributed Denial of Service attacks, and AWS Firewall Manager which provides central management and visibility across all firewall controls on AWS. While these and other protections combine to provide highly secure and flexible layers of defense, many customers also want a simple way to apply and manage blanket network protections across all of their workloads.
Apple is facing the heat for a new feature in macOS Big Sur that allows many of its own apps to bypass firewalls and VPNs, thereby potentially allowing malware to exploit the same shortcoming to access sensitive data stored on users' systems and transmit them to remote servers. "Some Apple apps bypass some network extensions and VPN Apps," Maxwell tweeted.
Now Apple has stressed that this app security check does not send anyone's Apple IDs nor device identifiers over the 'net, though it did log people's public IP addresses. "To further protect privacy, we have stopped logging IP addresses associated with Developer ID certificate checks, and we will ensure that any collected IP addresses are removed from logs," Apple said.
Zyxel adds enhancements and two new firewalls to its USG FLEX family of mid-range firewalls for SMBs
Zyxel Networks expanded and strengthened its comprehensive family of security solutions for businesses with the launch of two new USG FLEX mid-range firewalls and the release of firmware ZLD 4.60. Armed with key enhancements provided by the new firmware, Zyxel security firewalls provide businesses with the power and flexibility to protect themselves against more sophisticated cyberthreats and ensure business continuity in the rapidly evolving business environment.
SonicWall announced the expansion of its Capture Cloud Platform with the addition of the high-performance NSa 2700 firewall and three new cost-effective TZ firewall options. The new SonicWall NSa 2700 expands multi-gigabit threat performance to enterprises, MSSPs, government agencies, as well as key retail, healthcare and hospitality verticals.
"NAT Slipstreaming exploits the user's browser in conjunction with the Application Level Gateway connection tracking mechanism built into NATs, routers, and firewalls by chaining internal IP extraction via timing attack or WebRTC, automated remote MTU and IP fragmentation discovery, TCP packet size massaging, TURN authentication misuse, precise packet boundary control, and protocol confusion through browser abuse," Kamkar said in an analysis. NAT Slipstreaming works by taking advantage of TCP and IP packet segmentation to remotely adjust the packet boundaries and using it to create a TCP/UDP packet starting with a SIP method such as REGISTER or INVITE. SIP is a communications protocol used for initiating, maintaining, and terminating real-time multimedia sessions for voice, video, and messaging applications.
A critical vulnerability in a SonicWall enterprise VPN firewall can be exploited to crash the device or remotely execute code on it, reverse engineers said this week. In a statement SonicWall said it "was contacted by a third-party research team regarding issues related to SonicWall next-generation virtual firewall models." The spokesman went on to say that SonicWall's own engineers discovered even more vulns while reproducing Tripwire's findings, going on to develop patches for the whole lot.
Earlier this week SonicWall patched 11 vulnerabilities affecting its Network Security Appliance. The SonicWall NSAs are next-generation firewall appliances, with a sandbox, an intrusion prevention system, SSL/TLS decryption and inspection capabilities, network-based malware protection, and VPN capabilities.
A critical stack-based buffer overflow vulnerability has been discovered in SonicWall VPNs. When exploited, it allows unauthenticated remote attackers to execute arbitrary code on the impacted devices. Tracked as CVE-2020-5135, the vulnerability impacts multiple versions of SonicOS run by hundreds of thousands of active VPNs. Craig Young of the Tripwire Vulnerability and Exposure Research Team and Nikita Abramov of Positive Technologies have been credited with discovering and reporting the vulnerability.