Search results for Internet Protocol Security (IPsec) | Breaking Cybersecurity News | The Hacker News

Cybersecurity researchers have discovered a security vulnerability in the RADIUS network authentication protocol called BlastRADIUS that could be exploited by an attacker to stage Mallory-in-the-middle (MitM) attacks and bypass integrity checks under certain circumstances. "The RADIUS protocol allows certain Access-Request messages to have no integrity or authentication checks," InkBridge Networks CEO Alan DeKok, who is the creator of the FreeRADIUS Project , said in a statement. "As a result, an attacker can modify these packets without detection. The attacker would be able to force any user to authenticate, and to give any authorization (VLAN, etc.) to that user." RADIUS, short for Remote Authentication Dial-In User Service, is a client/server protocol that provides centralized authentication, authorization, and accounting (AAA) management for users who connect and use a network service. The security of RADIUS is reliant on a hash that's derived usi...

New research has uncovered security vulnerabilities in multiple tunneling protocols that could allow attackers to perform a wide range of attacks. "Internet hosts that accept tunneling packets without verifying the sender's identity can be hijacked to perform anonymous attacks and provide access to their networks," Top10VPN said in a study, as part of a collaboration with KU Leuven professor and researcher Mathy Vanhoef. As many as 4.2 million hosts have been found susceptible to the attacks, including VPN servers, ISP home routers, core internet routers, mobile network gateways, and content delivery network (CDN) nodes. China, France, Japan, the U.S., and Brazil top the list of the most affected countries. Successful exploitation of the shortcomings could permit an adversary to abuse a susceptible system as one-way proxies, as well as conduct denial-of-service (DoS) attacks. "An adversary can abuse these security vulnerabilities to create one-way proxies an...

After HeartBleed , POODLE and FREAK  encryption flaws, a new encryption attack has been emerged over the Internet that allows attackers to read and modify the sensitive data passing through encrypted connections, potentially affecting hundreds of thousands of HTTPS-protected sites, mail servers, and other widely used Internet services. A team of security researchers has discovered a new attack, dubbed Logjam , that allows a man-in-the-middle (MitM) to downgrade encrypted connections between a user and a Web or email server to use extremely weaker 512-bit keys which can be easily decrypted. Johns Hopkins crypto researcher Matthew Green along with security experts from the University of Michigan and the French research institute Inria has discovered LogJam a few months ago and published a technical report that details the flaw. Logjam — Cousin of FREAK Logjam encryption flaw sounds just like FREAK vulnerability disclosed at the beginning of March.  ...

Yes, you only need a single laptop with a decent internet connection, rather a massive botnet, to launch overwhelming denial of service (DoS) attacks in order to bring down major Internet servers and modern-day firewalls. Researchers at TDC Security Operations Center have discovered a new attack technique that lone attackers with limited resources (in this case, a laptop and at least 15Mbps of bandwidth) can use to knock large servers offline. Dubbed a BlackNurse attack or the low-rate " Ping of Death " attack, the technique can be used to launch several low-volume DoS attacks by sending specially formed Internet Control Message Protocol (ICMP) packets, or 'pings' that overwhelm the processors on server protected by firewalls from Cisco, Palo Alto Networks, among others. ICMP is a protocol used by routers and other networking devices to send and receive error messages. According to a technical report [ PDF ] published this week, the BlackNurse attack is mo...

Image Source: Libelium Here's a new danger to your smartphone security: Your mobile device can be hijacked and tracked without your knowledge. Remember Stingrays ? The controversial cell phone spying tool, also known as " IMSI catchers ," has long been used by law enforcement to track and monitor mobile users by mimicking a cellphone tower and tricking their devices to connect to them. Sometimes it even intercepts calls and Internet traffic, sends fake texts, and installs spyware on a victim's phone. Setting up such Stingrays-type surveillance devices , of course, is expensive and needs a lot of efforts, but researchers have now found a new, cheapest way to do the same thing with a simple Wi-Fi hotspot. Yes, Wi-Fi network can capture IMSI numbers from nearby smartphones, allowing almost anyone to track and monitor people wirelessly. IMSI or international mobile subscriber identity is a unique 15-digit number used for authentication of a person when movi...

Since most of us rely upon the Internet for day-to-day activities today, hacking and spying have become a prime concern, and so have online security and privacy. The Internet has become a digital universe with websites collecting your sensitive information and selling them to advertisers, hackers looking for ways to steal your data from the ill-equipped networks, websites, and PCs, and government conducting mass surveillance—every model has shifted to data collection. So, what's the solution and how can you protect your privacy, defend against government surveillance and prevent malware attacks? Virtual Private Network —Yes, one of the most efficient solutions to maximize your privacy is to use a secure VPN service. VPN serves as an encrypted tunnel between your computer and destinations you visit on the internet to secure your Internet traffic and protects you from bad guys getting into your network to steal your sensitive data. When choosing a VPN, Private Internet A...

After Adobe , the technology giant Microsoft today—on June 2019 Patch Tuesday—also released its monthly batch of software security updates for various supported versions of Windows operating systems and other Microsoft products. This month's security updates include patches for a total of 88 vulnerabilities, 21 are rated Critical, 66 are Important, and one is rated Moderate in severity. The June 2019 updates include patches Windows OS, Internet Explorer, Microsoft Edge browser, Microsoft Office and Services, ChakraCore, Skype for Business, Microsoft Lync, Microsoft Exchange Server, and Azure. Four of the security vulnerabilities, all rated important and could allow attackers to escalate privileges, patched by the tech giant this month were disclosed publicly, of which none were found exploited in the wild. Unpatched Issue Reported by Google Researcher However, Microsoft failed to patch a minor flaw in SymCrypt , a core cryptographic function library currently used by ...

Tech giant Microsoft on Tuesday shipped fixes to quash  64 new security flaws  across its software lineup, including one zero-day flaw that has been actively exploited in real-world attacks. Of the 64 bugs, five are rated Critical, 57 are rated Important, one is rated Moderate, and one is rated Low in severity. The patches are in addition to  16 vulnerabilities  that Microsoft addressed in its Chromium-based Edge browser earlier this month. "In terms of CVEs released, this Patch Tuesday may appear on the lighter side in comparison to other months," Bharat Jogi, director of vulnerability and threat research at Qualys, said in a statement shared with The Hacker News. "However, this month hit a sizable milestone for the calendar year, with MSFT having fixed the 1000th CVE of 2022 – likely on track to surpass 2021, which patched 1,200 CVEs in total." The actively exploited vulnerability in question is  CVE-2022-37969  (CVSS score: 7.8), a privilege e...

In the year 2014, we came to know about the NSA's ability to break Trillions of encrypted connections by exploiting common implementations of the Diffie-Hellman key exchange algorithm – thanks to classified documents leaked by ex-NSA employee Edward Snowden. At that time, computer scientists and senior cryptographers had presented the most plausible theory: Only a few prime numbers were commonly used by 92 percent of the top 1 Million Alexa HTTPS domains that might have fit well within the NSA's $11 Billion-per-year budget dedicated to "groundbreaking cryptanalytic capabilities." And now, researchers from University of Pennsylvania, INRIA, CNRS and Université de Lorraine have practically proved how the NSA broke the most widespread encryption used on the Internet. Diffie-Hellman key exchange (DHE) algorithm is a standard means of exchanging cryptographic keys over untrusted channels, which allows protocols such as HTTPS, SSH, VPN, SMTPS and IPsec to negotia...

Companies are engaged in a seemingly endless cat-and-mouse game when it comes to cybersecurity and cyber threats. As organizations put up one defensive block after another, malicious actors kick their game up a notch to get around those blocks. Part of the challenge is to coordinate the defensive abilities of disparate security tools, even as organizations have limited resources and a dearth of skilled cybersecurity experts. XDR, or Extended Detection and Response, addresses this challenge. XDR platforms correlate indicators from across security domains to detect threats and then provide the tools to remediate incidents.  While XDR has many benefits, legacy approaches have been hampered by the lack of good-quality data. You might end up having a very good view of a threat from events generated by your EPP/EDR system but lack events about the network perspective (or vice versa). XDR products will import data from third-party sensors, but data comes in different formats. The XDR p...