Security News

Cisco informed customers on Wednesday that it's working on a patch for a code execution vulnerability affecting its AnyConnect product. According to the networking giant, the product is affected by a flaw, tracked as CVE-2020-3556, that can be exploited by a local, authenticated attacker to cause an AnyConnect user to execute a malicious script.

Cisco has disclosed today a zero-day vulnerability in the Cisco AnyConnect Secure Mobility Client software with proof-of-concept exploit code publicly available. While security updates are not yet available for this arbitrary code execution vulnerability, Cisco is working on addressing the zero-day, with a fix coming in a future AnyConnect client release.

Google announced on Thursday that Google One customers can now use a new virtual private network service that will provide them an extra layer of protection when they go online. The new VPN by Google One is available to customers who have subscribed to a 2 TB plan or higher.

A critical vulnerability in a SonicWall enterprise VPN firewall can be exploited to crash the device or remotely execute code on it, reverse engineers said this week. In a statement SonicWall said it "Was contacted by a third-party research team regarding issues related to SonicWall next-generation virtual firewall models." The spokesman went on to say that SonicWall's own engineers discovered even more vulns while reproducing Tripwire's findings, going on to develop patches for the whole lot.

UPDATE. A critical security bug in the SonicWall VPN portal can be used to crash the device and prevent users from connecting to corporate resources. "The most notable aspect of this vulnerability is that the VPN portal can be exploited without knowing a username or password," Young told Threatpost.

Government-backed hackers have compromised and gained access to US elections support systems by chaining together VPN vulnerabilities and the recent Windows CVE-2020-1472 security flaw. "Although it does not appear these targets are being selected because of their proximity to elections information, there may be some risk to elections information housed on government networks," says a joint security advisory published by CISA and the FBI. Despite that, CISA added that it is "Aware of some instances where this activity resulted in unauthorized access to elections support systems."

The three new features provide adaptive threat profiling for Juniper's ATP Cloud, the integration of WootCloud HyperContext for device profiling, and Secure Connect VPN for remote working beyond the branch office. Adaptive Threat Profiling makes use of Juniper's SRX series firewalls to act as sensors throughout the network.

According to the SAM IoT Security Lab, the FortiGate SSL-VPN client only verifies that the certificate used for client authentication was issued by Fortinet or another trusted certificate authority. "Therefore, an attacker can easily present a certificate issued to a different FortiGate router without raising any flags, and implement a man-in-the-middle attack," researchers wrote, in an analysis on Thursday.

Now according to network security platform provider SAM Seamless Network, over 200,000 businesses that have deployed the Fortigate VPN solution-with default configuration-to enable employees to connect remotely are vulnerable to man-in-the-middle attacks, allowing attackers to present a valid SSL certificate and fraudulently take over a connection. The main reason for this is that the bundled default SSL certificate uses the router's serial number as the server name for the certificate.

With the new NETGEAR Insight Managed Business Router, these remote employees will simply need a BR200 in their home or remote office to connect to another BR200 in the main office and be able to access data residing on their office network securely. Designed specifically to enable businesses to instantly protect their networks with a secure site-2-site VPN and firewall rapidly and cost-effectively through the Insight Cloud Portal or mobile app, the Insight Managed Business Router comes with easy setup, firewall, VLAN management, and remote cloud monitoring and management from anywhere.