Security News

Week in review: Juniper devices compromised, great corporate security blogs, MITRE D3FEND
2023-11-19 09:30

Collaborative strategies are key to enhanced ICS securityIn this Help Net Security interview, Marko Gulan, Cyber Security Consultant at Schneider Electric, discusses the complexities of safeguarding industrial control systems. Modeling organizations' defensive mechanisms with MITRE D3FENDFunded by the National Security Agency, MITRE's D3FEND framework is helping to provide standardization, specificity, and repeatability needed by cybersecurity engineers.

Juniper networking devices under attack
2023-11-14 13:37

CISA has ordered US federal agencies to patch five vulnerabilities used by attackers to compromise Juniper networking devices, and to do so by Friday. Juniper Networks fixed four flaws affecting the J-Web GUI of Junos OS-powered devices in late August 2023, and urged customers to update their SRX firewalls and EX switches to plug the security holes.

CISA Sets a Deadline - Patch Juniper Junos OS Flaws Before November 17
2023-11-14 06:03

The U.S. Cybersecurity and Infrastructure Security Agency has given a November 17, 2023, deadline for federal agencies and organizations to apply mitigations to secure against a number of security flaws in Juniper Junos OS that came to light in August. The agency on Monday added five vulnerabilities to the Known Exploited Vulnerabilities catalog, based on evidence of active exploitation -.

CISA warns of actively exploited Juniper pre-auth RCE exploit chain
2023-11-13 17:23

CISA warned federal agencies today to secure Juniper devices on their networks by Friday against four vulnerabilities now used in remote code execution attacks as part of a pre-auth exploit chain. The alert comes one week after Juniper updated its advisory to notify customers that the flaws found in Juniper's J-Web interface have been successfully exploited in the wild.

Nearly 12,000 Juniper Firewalls Found Vulnerable to Recently Disclosed RCE Vulnerability
2023-09-19 09:30

New research has found that close to 12,000 internet-exposed Juniper firewall devices are vulnerable to a recently disclosed remote code execution flaw. VulnCheck, which discovered a new exploit for CVE-2023-36845, said it could be exploited by an "Unauthenticated and remote attacker to execute arbitrary code on Juniper firewalls without creating a file on the system."

Thousands of Juniper Junos firewalls still open to hijacks, exploit code available to all
2023-09-18 22:30

About 79 percent of public-facing Juniper SRX firewalls remain vulnerable to a single security flaw can allow an unauthenticated attacker to remotely execute code on the devices, according to threat intelligence platform provider VulnCheck. Juniper revealed and addressed five flaws, which affect all versions of Junos OS on SRX firewalls and EX Series switches, in an out-of-cycle security bulletin on August 17.

Thousands of Juniper devices vulnerable to unauthenticated RCE flaw
2023-09-18 19:40

An estimated 12,000 Juniper SRX firewalls and EX switches are vulnerable to a fileless remote code execution flaw that attackers can exploit without authentication. In a later technical report, watchTowr Labs released a PoC that chained the CVE-2023-36845 and CVE-2023-36846 flaws, allowing the researchers to remotely execute code by uploading two files to a vulnerable device.

Week in review: 11 search engines for cybersecurity research, PoC for RCE in Juniper firewall released
2023-09-03 08:00

What does optimal software security analysis look like?In this Help Net Security interview, Kevin Valk, co-CEO at Codean, discusses the consequences of relying solely on automated tools for software security. Apple offers security researchers specialized iPhones to tinker withApple is inviting security researchers to apply for its Security Research Device Program again, to discover vulnerabilities and earn bug bounties.

Alert: Juniper Firewalls, Openfire, and Apache RocketMQ Under Attack from New Exploits
2023-08-30 11:15

Recently disclosed security flaws impacting Juniper firewalls, Openfire, and Apache RocketMQ servers have come under active exploitation in the wild, according to multiple reports. "This flaw allows an unauthorized user to exploit the unauthenticated Openfire Setup Environment within an established Openfire configuration," cloud security firm Aqua said.

Hackers exploit critical Juniper RCE bug chain after PoC release
2023-08-29 14:51

Hackers are using a critical exploit chain to target Juniper EX switches and SRX firewalls via their Internet-exposed J-Web configuration interface. One week after Juniper disclosed and released security updates to patch the four flaws that can be chained to achieve remote code execution, watchTowr Labs security researchers released a proof-of-concept exploit targeting the SRX firewall bugs.