Cloudflare, the denial of service prevention vendor, is reporting hearing of gangs who threaten denial of service attacks unless the victim pays a ransom in bitcoins. Even though they have heard from over 100 customers, none have been attacked, whether they pay or not. Of course, this does not mean that they will not be attacked in the future. To read the full article, click here.
Cisco announced a vulnerability this week in their ASA security appliance that allows an attacker to take over the ASA and then your network with a single well crafted packet. We recommend that you patch your ASAs as soon as possible. Cisco rates this vulnerability as a 10 on their 1 to 10 scale. Click here for the full article.
Juniper Users Need To Patch Back Door Created By Malicious Actor
Juniper announced that they have found code in a number of devices that allows anyone who is aware of the password and back door to take over control of the affected Juniper routers. Juniper said that they did not put this code in the routers and have released a patch to remove it. Read the advisory, here, for more information.
Fortinet Users Need To Patch Intentional Back Door
Fortinet revealed that they have a hard coded password in most versions of their software. The password is used to allow the Fortinet management console to talk to managed Fortinet devices. Unfortunately, it allows anyone who knows the password to talk to and manage those devices as well. Fortinet has released patches to help mitigate this issue. Read the advisory, here, for more information.