hardware firewall | Breaking Cybersecurity News | The Hacker News

The US government's $6 Billion firewall is nothing but a big blunder. Dubbed EINSTEIN , the nationwide firewall run by the US Department of Homeland Security (DHS) is not as smart as its name suggests. An audit conducted by the United States Government Accountability Office (GAO) has claimed that the firewall used by US government agencies is failing to fully meet its objectives and leaving the agencies open to zero-day attacks. EINSTEIN, which is officially known as the US' National Cybersecurity Protection System (NCPS) and has cost $5.7 Billion to develop, detects only 6 percent of today's most common security vulnerabilities and failed to detect the rest 94 percent. How bad is EINSTEIN Firewall in reality? In a series of tests conducted last year, Einstein only detected 29 out of 489 vulnerabilities across Flash, Office, Java, IE and Acrobat disclosed via CVE reports published in 2014, according to a report [ PDF ] released by the GAO late las...

Are millions of enterprise users, who rely on the next-generation firewalls for protection, actually protected from hackers? Probably Not. Just less than a month after an unauthorized backdoor found in Juniper Networks firewalls, an anonymous security researcher has discovered highly suspicious code in FortiOS firewalls from enterprise security vendor Fortinet. According to the leaked information, FortiOS operating system, deployed on Fortinet's FortiGate firewall networking equipment, includes an SSH backdoor that can be used to access its firewall equipment. Anyone can Access FortiOS SSH Backdoor Anyone with " Fortimanager_Access " username and a hashed version of the " FGTAbc11*xy+Qqz27 " password string, which is hard coded into the firewall, can login into Fortinet's FortiGate firewall networking equipment. However, according to the company's product details, this SSH user is created for challenge-and-response authenti...

The latest Palo Alto Networks Unit 42 Cloud Threat Report found that sensitive data is found in 66% of cloud storage buckets. This data is vulnerable to ransomware attacks. The SANS Institute recently reported that these attacks can be performed by abusing the cloud provider's storage security controls and default settings. "In just the past few months, I have witnessed two different methods for executing a ransomware attack using nothing but legitimate cloud security features," warns Brandon Evans, security consultant and SANS Certified Instructor. Halcyon disclosed an attack campaign that leveraged one of Amazon S3's native encryption mechanisms, SSE-C, to encrypt each of the target buckets. A few months prior, security consultant Chris Farris demonstrated how attackers could perform a similar attack using a different AWS security feature, KMS keys with external key material, using simple scripts generated by ChatGPT. "Clearly, this topic is top-of-mind for both threat actors and ...

Juniper Networks has announced that it has discovered " unauthorized code " in ScreenOS , the operating system for its NetScreen firewalls, that could allow an attacker to decrypt traffic sent through Virtual Private Networks (VPNs). It's not clear what caused the code to get there or how long it has been there, but the release notes posted by Juniper suggest the earliest buggy versions of the software date back to at least 2012 and possibly earlier. The backdoor impacts NetScreen firewalls using ScreenOS 6.2.0r15 through 6.2.0r18 and 6.3.0r12 through 6.3.0r20, states the advisory published by the company. However, there's no evidence right now that whether the backdoor was present in other Juniper OSes or devices. The issue was uncovered during an internal code review of the software, according to Juniper chief information officer Bob Worrall , and requires immediate patching by upgrading to a new version of the software just released today. ...