Your Friday Tech Takeaway - 14.07.17

Over 14 Million Verizon Customers' Data Exposed On Unprotected AWS Server: Verizon, the major telecommunications provider, has suffered a data security breach with over 14 million US customers' personal details exposed on the Internet after NICE Systems, a third-party vendor, mistakenly left the sensitive users’ details open on a server. Chris Vickery, researcher and director of cyber risk research at security firm UpGuard, discovered the exposed data on an unprotected Amazon S3 cloud server that was fully downloadable and configured to allow public access.

Two new Windows zero day attacks allowing privilege escalation: As part of this month's Patch Tuesday, Microsoft has released security patches for a serious privilege escalation vulnerability which affects all versions of its Windows operating system for enterprises released since 2007. Researchers at behavioural firewall specialist Preempt discovered two zero-day vulnerabilities in Windows NTLM security protocols, both of which allow attackers to create a new domain administrator account and get control of the entire domain. "In a remote attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to send malicious traffic to a domain controller. An attacker who successfully exploited this vulnerability could run processes in an elevated context," Microsoft explained in its advisory.

FWaaS? What is this new trend: Recently, in the 2017 Magic Quadrant for Unified Threat Management (SMB Multifunction Firewalls), the analysts reference a Gartner client survey indicating 14% of respondents were likely (8%) or very likely (6%) to consider moving all the firewall security functions to FWaaS. FWaaS offers a single logical firewall that is available anywhere, seamlessly scales to address any traffic workload, enforces unified policy, and is self-maintained by a cloud provider.

Before You Hit 'Submit,' This Company Has Already Logged Your Personal Data: So you visit a website and begin filling in a contact form or their "create an account" form, or perhaps purchase information... or perhaps your handy-dandy browser, which has been paying attention, beats you to it on some fields, auto-filling a bunch of the page's form fields for you. In the traditional world we all grew up in, this was all a passive process. Somewhere on the page, typically at the bottom below the fill-in area, is a "Create an account" or a "Submit" button... and the implicit and longstanding rule has been... nothing happens with any of the information until and unless you press that button to explicitly and deliberately send that provided information off to the hosting web server.

A few months ago, code was found on webpages that created hidden text forms which your browser's auto-fill would happily dump your data into. Without you having to interact any further, the code would pull this information from the site. Marketing company Navistone is using this method to pull unsubmitted information from websites to further campaign to prospects.

Navistone is reportedly now selling this capability. And this data does not go to the hosting site. No. It goes back to servers controlled by Navistone where it is doubtless, if we believe the claims on their website, merged into existing tracking-derived data and used to compile marketing information which is then sold back to their clients.
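For site owners who want to check their own pages for the hidden auto-fill fields described above, here is an added example (not code from Navistone or from any tool named in this post) that scans page markup for text inputs placed out of view. The field-name hints, the hiding-style patterns and the sample markup are assumptions made for illustration, and because such fields can be created by script, the input should be a saved snapshot of the rendered page rather than the raw source.

```python
import re
from html.parser import HTMLParser
# Assumed heuristics: name/autocomplete tokens browsers tend to autofill,
# and inline styles that move an element out of the user's view.
AUTOFILL_HINTS = re.compile(r"e-?mail|name|phone|tel|address|postal|zip|cc-", re.I)
HIDING_STYLE = re.compile(
    r"display\s*:\s*none|visibility\s*:\s*hidden|opacity\s*:\s*0(\.0+)?\s*(;|$)"
    r"|(left|top)\s*:\s*-\d{3,}px", re.I)
SKIPPED_TYPES = {"hidden", "submit", "button", "checkbox", "radio"}
VOID = {"br", "img", "meta", "link", "hr"}

class HiddenAutofillAudit(HTMLParser):
    def __init__(self):
        super().__init__()
        self.stack = []     # (tag, hides_subtree) for each open container
        self.findings = []  # out-of-view fields that autofill could populate

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        hides = "hidden" in a or bool(HIDING_STYLE.search(a.get("style", "")))
        if tag == "input":
            self._check_input(a, hides)
        elif tag not in VOID:
            self.stack.append((tag, hides))

    def handle_endtag(self, tag):
        for i in range(len(self.stack) - 1, -1, -1):
            if self.stack[i][0] == tag:  # close the nearest matching element
                del self.stack[i:]
                break

    def _check_input(self, a, hides):
        if a.get("type", "text").lower() in SKIPPED_TYPES or a.get("autocomplete", "").lower() == "off":
            return  # assumption: address autofill does not target these fields
        label = " ".join(a.get(k, "") for k in ("name", "id", "autocomplete"))
        if (hides or any(h for _, h in self.stack)) and AUTOFILL_HINTS.search(label):
            self.findings.append(a.get("name") or a.get("id") or "(unnamed)")

def audit(html):
    parser = HiddenAutofillAudit()
    parser.feed(html)
    return parser.findings

# Constructed sample: one visible field plus several kept out of view.
SAMPLE = """<form><input type="text" name="email">
<div style="position:absolute; left:-9999px">
  <input type="text" name="full_name"><input type="tel" name="phone"></div>
<input name="postal_code" style="display:none">
<input type="hidden" name="csrf_token" value="constructed"></form>"""
```

Any field name returned by `audit()` is a text input the visitor cannot see but that address auto-fill could still populate, so it deserves a look at which script put it there.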

New SQL Injection Tool Makes Attacks Possible from a Smartphone: Known as "Katyusha Scanner," this previously unknown tool combines the power of the Arachni Scanner open-source penetration testing tool with the ephemeral and encrypted communication of the cloud-based Telegram messaging service. The resulting black market product makes it possible for the bad guys to carry out wide-ranging scans and attacks against a big volume of websites directly, and conveniently, from their mobile devices, according to Recorded Future, which published details on the tool yesterday.

The scanner shows all signs of being a royal pain in the rear for enterprises, as criminal clients are catered to with a relatively cheap price point, simple interface, frequent updates, and seemingly good customer support. Its authors display a significant amount of business savvy, offering a Pro version for $500, a light version for $250 and a SaaS model for $200 per month. 

Juniper EMEA Tech Summit: Yesterday Juniper bid farewell to the 800+ attendees of their EMEA Tech Summit, held this year in Madrid. Infradata’s entire UK technical team attended, as well as teams from Germany, the Netherlands, Poland and France.

From their heritage of carrier-grade routing, Juniper continue to respond to the rapidly shifting landscape of the modern network. Focus areas for 2017 were primarily Security and Automation - with both receiving significant air time.

Juniper’s Software Defined Secure Network (SDSN) continues to mature, leveraging the entire “network ecosystem” for advanced threat intelligence, detection and remediation.

As MPLS networks evolve, SD-WAN continues to be a hot topic. With ease of connectivity to multiple WAN and Cloud providers, alongside WAN reliability improvements, there are plenty of customer benefits to be explored.

Automation is where Juniper is clearly ahead of the curve. Numerous technical presentations unpacked the DevOps world to the Network Engineer, embracing technologies such as Ansible, Chef, Puppet, Salt and Python to name a few.

…and with their hardware platforms innovating and developing, Juniper continue to move from strength to strength.

July 14 2017
