Saturday, April 19, 2014
Heartbleed broke into vir(t)ual private network !
But this time Hearthbleed it used exploit on firmware that has to be replaced, not updated, and was used to break into a virtual private network (VPN), bypassing the network's multifactor authentication entirely.
An unspecified attacker exploited the bug on an unnamed company's VPN concentrator, an appliance that provides secure remote connectivity to a private network such as one a company might use in its office. Washington D.C.-based security company Mandiant discovered the attack, which began on Apr. 8, just a day after the Heartbleed bug became public knowledge.
99% BAD HARDWARE WEEK: Just as BAD HARDWARE alarmed for Cisco network devices. But for Juniper and some others too ! WHat you can do about VPN 3000 Concentrator ? Nothing. Simply buy the latest model. If such exists at all now.
Here is some of Cisco VPN bad hardware
Create a testing environment where you can try out your new solution upgrade, risk-free This allows you to work out any kinks and see firsthand the effects your upgrade will have on your organization without actually affecting your operationstop10-bestvpnPost a Comment