Category: network security

January 30, 2020
Cisco Firepower Management Center is on fire!

The vulnerability is due to bad handling of LDAP responses when the latter is being used for External Authentication. The bad actor can run the exploit by creating a crafted HTTP requests effectively bypassing authentication and getting administrative privileged access to the Web GUI.

Read More
May 24, 2019
Microsoft RDP easy way into an organization – A two-edged sword

Microsoft RDP protocol is one of the main focuses of bad actors in these days. There are reports for numerous successful breaches in small and medium sized organizations with heavy use of RDP from outside.

Read More
November 7, 2018
Cisco SIP inspection based DoS attack

The vulnerability is based on the SIP inspection code that handles SIP signaling packets.

Read More
June 28, 2018
New vulnerability discovered in Cisco ASA, ASAx and Firepower devices

A new vulnerability was publicly announced last Friday (22th of June). It effects all current Cisco ASA devices (all models) and Firepower appliances

Read More
June 1, 2018
End of the Traditional Firewalls Era - Cisco ASA is not enough anymore

Malware has evolved so much in recent years and the trend is to keep evolving with ever increasing pace. Traditional Firewalls that use old technologies such as stateful firewalling are not capable of detecting / preventing most of the modern threats.

Read More
May 25, 2018
New major security threat

The Russia bear is having a snack out of Ukraine it seems but also more than 100 other countries are involved. Cisco devices are NOT vulnerable but for me that is a valuable marketing as it shows the value of actually having a nice vendor and not a cheap one. → https://blog.talosintelligence.com/2018/05/VPNFilter.html

Read More
April 9, 2018
Yet another critical vulnerability found for Cisco devices

On the 29th of March a company that deals with security in embedded devices, called Embedi published their discovery about a critical vulnerability in most Cisco Switch devices (both running IOS and XE).

Read More
March 2, 2018
Memcached - Newest amplification attack out there

In the last months and years we have seen multiple DDoS attacks based on amplification techniques (DNS, NTP, Chargen, SSDP)

Read More
January 15, 2018
Not The Best Intel Month

Three major vulnerabilities were found in a very short span of time, and Intel team cannot catch up fast enough with the patching and the security updates.

Read More
December 20, 2017
Modern security landscape, trends in malware and counteracting security controls

Malware is evolving constantly. The threat landscape is so dynamic that yesterday’s news is not news today. The malware business is a full-blown industry that can easily size up with the IT security industry.

Read More
October 25, 2017
New Ransomware on the loose

Remember Mira? The worm that prayed on unsecure IoT devices. It managed to spread and gain control using quite a simple method to gain entry – reusing the hard-coded or default password for IoT devices which were well-known by then, and the spreading was done via the EthernalBlue SMB exploit.

Read More
October 25, 2017
New VPN/crypto attack – DUNK (Don't Use Hard-coded Keys) attack

The security environment is so dynamic these days, it is certainly interesting to see how things change all the time, vulnerabilities are found almost every day, exploits are being developed at a whopping pace and even for professionals, just keeping up with it all is very challenging.

Read More
© 4CornerNetworks - Website by Roslin Design
4CornerNetworks is the trading name of 4CornerNetworks Ltd
Reegistered Address: 4 Harecroft Lane, Ickenham, Uxbridge, Middlesex, UB10 8FD
Company Registration Number: 07920761
Registered in England
chevron-down