Items tagged with Firewall

Sophos has published an emergency security update to patch a zero-day vulnerability in its XG enterprise firewall product. The patch plugs a hole that was being abused in the wild by hackers. Sophos says that it learned of the zero-they exploit on Wednesday of last week, after receiving a report from one of its customers. The customer reported that it had seen "a suspicious field value visible in the management interface." After investigation, Sophos determined that it was an active attack on both physical and virtual XG Firewall systems, and not a misconfiguration in its product. The hackers were abusing an SQL injection bug in its database to steal passwords. Sophos says that the attack... Read more...
A group of researchers from the University of Michigan and Microsoft Research released a paper titled An Untold Story of Middleboxes in Cellular Networks in which they reveal why and how cellular service is both sub-optimal and insecure. How did they do it? They developed a tool called NetPiculet, which uses intelligent measurement to probe middlebox policies in cellular networks, focusing on firewalls and NAT boxes, and released it into the wild in the form of an Android app. In addition to earning 50 points for coming up with a creative and effective way of gathering data from geographically diverse cellular networks, the team was rewarded with nearly 400 de facto data-gatherers who collected... Read more...
Here's something that Chinese users will agree the Kindle does better than the iPad: scale the "Great Firewall of China." Sites such as Facebook and Twitter, which are blocked by Chinese authorities, can be accessed by the Kindle's Internet browsing functionality. The Kindle is only available in China's grey markets, however. A seller in Beijing told the South China Morning Post he has been slipping Kindles into China a few at a time, and that he has sold 300 in the past month. AFP reported that bloggers are recommending the device for its ability to get around the censors. One blogger said, "I still can't believe it. I casually tried getting to Twitter, and what a surprise, I got there. And... Read more...
If you're on the Internet, you must be aware of identity theft. Hardly a day goes by without news of another version of a phishing scam designed to coax the unwary into offering up their precious personal information, never mind the more complex and insidious malware approaches to theft.  So information gathered for a study at Utica College of identity theft is a little surprising to us paranoid internauts: The Internet is not necessarily the preferred method for stealing your information. "Analysis of the methods employed by the offenders showed that Internet and/or other technological devices were used in approximately half of the cases," the report says. "In some cases, the offenders... Read more...