Networking Security

Hardware Vendor Offers Backdoor with Every Product

IT administrators know there’s nothing more frustrating than losing administrative access to your network equipment. But Allied Telesis, a Japan-based maker of switches, routers and other networking devices, has a fix: guaranteed backdoors for every product.

Warning About IDS Evasion Greeted by Chorus of ‘Meh’

‘All your IDS are belong to us,’ was the message on Monday, after researchers at networking security equipment vendor Stonesoft announced the discovery of evasion techniques that could be used by sophisticated attackers to bypass network based IDS and IPS. The disclosure raises questions about the effectiveness of a wide range of networking security products, but experts say those kind of questions are nothing new.

Cisco Warns of Vulns in Building Systems

Cisco Systems has warned of serious vulnerabilities in a device that
connects a building’s ventilation, lighting, security, and energy supply
systems so they can be controlled by IT workers remotely. The networking giant urged users of the Cisco Network
Building Mediator products to patch the vulnerabilities, which among
other things allow adversaries to obtain administrative passwords. Read the full article. [The Register]

Cisco has released updates to close numerous security holes in several of its products. The ASA 5500 Adaptive Security Appliances are most affected. They alone contain six vulnerabilities that can be exploited to remotely cripple or reboot a device via specially crafted TCP, SIP, SCCP or IKE packets. Read the full article. [The H Security]

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.