Return to list of client alerts
Sophos announced that thousands of firewalls exposed to the Internet are vulnerable to a remote code execution (RCE) attack that would allow an attacker, using a specially targeted attack, to execute arbitrary code. They announced the bugs in September and fixed them in December. Note that this is only a problem if you allow access to the admin panel from the Internet side, which many companies do. Credit: Bleeping Computer
Cisco announced that there are critical authentication bypass bugs in a number of their small business routers that have reached end of life, meaning that Cisco is not going to patch them and hackers are going to attack them. The bugs allow hackers to take full control of the device and run arbitrary code. They also said that proof of concept code is now available and there are no workarounds. Cisco says that even though these routers are end of life, there are still a lot of them in service. Credit: Dark Reading
Fortinet says that they just patched a high severity bug that allows a remote, unauthenticated hacker to execute arbitrary code. While they said the attacks against this were targeted, they also said they saw attacks in the wild and now that it is getting more press, the attacks will likely be more widespread. Credit: Security Week
So what does all of this mean?
ONE LAST THOUGHT. DON’T FORGET ABOUT THAT OTHER PART OF YOUR NETWORK – THE ROUTERS AND FIREWALLS AT YOUR REMOTE WORKERS’ HOMES. THAT IS LIKELY THE EASIEST WAY INTO YOUR NETWORK AND HACKERS KNOW THAT. One thing that is likely sure. Your employee’s home ISP is probably a lot less security sensitive than you are and likely never patches their routers. There are exceptions, but, they are exceptions.
As always, if you need help, please contact us.