Command Execution Vulnerability in Netcom's Next-Generation Firewalls

Netcom Next Generation Firewall NGFW is a firewall that can comprehensively deal with application layer threats. A command execution vulnerability exists in the NGFW. An attacker can exploit this vulnerability to gain server privileges...

The vulnerability of the Application Layer DNS Gateway Function (ALG) of Cisco IOS XE, which allows a hacker to trigger a device reboot or cause a service failure.

The vulnerability of the Application Layer DNS Gateway Function ALG of Cisco IOS XE lies in insufficient checking of unusual or exceptional states. Exploiting this vulnerability can allow a malicious actor to trigger a device reboot or cause service failure through a specially crafted DNS packet...

Cisco IOS XE Denial of Service Vulnerability (CNVD-2021-22190)

Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. A denial of service vulnerability exists in the DNS Application Layer Gateway ALG feature used by Network Address Translation NAT in Cisco IOS XE. The vulnerability stems from a...

Cisco IOS XE Software DNS NAT Protocol Application Layer Gateway Denial of Service Vulnerability

A vulnerability in the DNS application layer gateway ALG functionality used by Network Address Translation NAT in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a logic error that occurs when an affected...

Cisco IOS XE Software 代码问题漏洞

Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. A denial of service vulnerability exists in the DNS Application Layer Gateway ALG feature used by Network Address Translation NAT in Cisco IOS XE. The vulnerability stems from a...

File Upload Vulnerability in Netcom Next Generation Firewall NS-NGFW

Netcom Next Generation Firewall NGFW is a high-performance firewall that can comprehensively address application layer threats. A file upload vulnerability exists in NS-NGFW, which can be exploited by attackers to gain control of the server...

File Upload Vulnerability in the Frontend of NS-NGFW Next Generation Firewall of Beijing Netcom Technology Co.

Netcom Next Generation Firewall NGFW is a high-performance firewall that can comprehensively address application layer threats. A file upload vulnerability exists in the frontend of NS-NGFW, which can be exploited by attackers to gain control of the server...

Take the Full-Stack Approach to Securing Your Modern Attack Surface

A growing remote-work culture demands a graduation in the approach to security. It’s time to test, monitor, secure, and extend to the application layer. A modern methodology for vulnerability management VM is vital for organizations looking to minimize attack surfaces by prioritizing potential...

The Advantages and Risks of Serverless Computing

Organizations are increasingly embracing serverless computing for its convenience and cost-effectiveness. But many IT teams are blindly embracing this innovation in cloud technology without consulting their security peers. As a result, we can expect to see a growing number of cyber-attacks in thi...

New NAT/Firewall Bypass Attack Lets Hackers Access Any TCP/UDP Service

A new research has demonstrated a technique that allows an attacker to bypass firewall protection and remotely access any TCP/UDP service on a victim machine. Called NAT Slipstreaming, the method involves sending the target a link to a malicious site or a legitimate site loaded with malicious ads...

Imperva mitigates largest DDoS attacks of 2020… so far…

The word “unprecedented” has never been used so much as it has during 2020. And in the latest of many unprecedented events, July saw the two largest recorded DDoS attacks of the year so far. As revealed in our July 2020 Cyber Threat Index Report, published today, Imperva Research Labs recorded tw...

Mistica - An Open Source Swiss Army Knife For Arbitrary Communication Over Application Protocols

Mística is a tool that allows to embed data into application layer protocol fields, with the goal of establishing a bi-directional channel for arbitrary communications. Currently, encapsulation into HTTP, DNS and ICMP protocols has been implemented, but more protocols are expected to be introduce...

Cloud workload security: Should you worry about it?

Due to the increasing use of the cloud, organizations find themselves dealing with hybrid environments and nebulous workloads to secure. Containerization and cloud-stored data have provided the industry with a new challenge. And while you can try to make the provider of cloud data storage...

CVE-2020-12040

Sigma Spectrum Infusion System v's6.x model 35700BAX and Baxter Spectrum Infusion System Versions 8.x model 35700BAX2 at the application layer uses an unauthenticated clear-text communication channel to send and receive system status and operational data. This could allow an attacker that has...

Code injection

Sigma Spectrum Infusion System v's6.x model 35700BAX and Baxter Spectrum Infusion System Versions 8.x model 35700BAX2 at the application layer uses an unauthenticated clear-text communication channel to send and receive system status and operational data. This could allow an attacker that has...

Why Businesses Should Consider Managed Cloud-Based WAF Protection

The City of Baltimore was under cyber-attack last year, with hackers demanding $76,000 in ransom. Though the city chose not to pay the ransom, the attack still cost them nearly $18 million in damages, and then the city signed up for a $20 million cyber insurance policy. It's very evident that...

Lift the DDoS Smokescreen: Investigate Underlying Attacks

"Hold out baits to entice the enemy. Feign disorder, and crush him." Sun Tzu The sophistication of cybercriminals and the attraction of the “Black Hat” cyberspace have grown dramatically over the years. In the past, cyber assaults were carried out mostly by amateurs, motivated by boredom or plain...

2019 Global DDoS Threat Landscape Report

Today Imperva Research Labs, made up of senior researchers and industry experts who have been delivering sound and valid advice for over 15 years, is releasing a brand new Global DDoS Threat Landscape Report. The report is a statistical analysis of 3,643 network layer DDoS attacks throughout 2019...

Cisco IOS XE Software NAT Session Initiation Protocol Application Layer Gateway DoS (cisco-sa-20190925-sip-alg)

According to its self-reported version, Cisco IOS XE Software is affected by a denial of service DoS vulnerability in the Network Address Translation NAT Session Initiation Protocl SIP Application Layer Gateway ALG. This allows an unauthenticated, remote attacker to cause an affected device to...

The vulnerability lies in the implementation of the SIP protocol and the NAT function of the Application Layer Gateway (ALG) of the Cisco IOS XE operating system. This allows a attacker to trigger a reboot of the vulnerable device.

The vulnerability of the SIP protocol implementation and the NAT function of the Application Layer Gateway ALG on the Cisco IOS XE operating system is related to errors in processing SIP packets. Exploiting this vulnerability allows a malicious actor to trigger a restart of the vulnerable device ...