Security Audit

Our Web Application Pentest ( WAP) attempts to address the Owasp top 10 & SANS top 20 web application vulnerabilities and other exploitable loopholes of your web application . Along with it our WAP team also test web applications for Business logic flaws that can directly or indirectly effect the functioning of application.

Trainings

We are here to help you solve your biggest query- where and how to start? CDI has brought various courses in Ethical Hacking in Chandigarh where all you technology lovers will be given the much needed push to move forward and create a niche for yourself in the field. From Beginner to Expert level we have many kinds of training patterns.

Call Us : +91-771045-0011 | +91-771045-0022

Vulnerability found in FirePower Firewall of “CISCO”!

Security researchers of Check Point Security were testing a new product of CISCO and they found a critical vulnerability in this. FirePower Firewall is the name of that product and it is the newest product which had been launched by CISCO. Check Point Security is famous security company and its headquarter is located in ISRAEL.

This vulnerability was allowing hackers to remotely bypass the malware detection system of the firewall. It was like making fool of a security guard to get entry in the house for stealing all the money and costly things. This vulnerability has been registered with CVE-2016-1345. CISCO has also released an update to patch this security flaw.

 

How hackers can exploit this vulnerability?

 

Hackers can remotely exploit this vulnerability to leave a malware in the network. In simple words, there is a problem in FirePower Firewall’s HTTP header input field. Hackers can exploit this vulnerability by creating a special HTTP request according to the need of malware, which they want to inject in the network. By doing this hackers can make fool of malware detection system of this Firewall. If the Malware Detection system of a firewall has been blocked by the hackers, then it is just a steel box. By getting entry into the settings of Firewall, hackers can change all the policies of Firewall, which has been set by a network engineer. Hackers can set the policies of Firewall as per need of malware.

 

Response of CISCO?

 

A security update has been released by CISCO, to fix this security flaw. It is a major vulnerability therefore it got the entry in the list of “High Risk” vulnerabilities. CISCO will release this security update in three steps. First it will release version 5.4.0.7, then 5.4.1.6 and in the last it will update 6.0.1. CISCO will release a complete package of solution in version 6.0.1 which will fix this vulnerability in “FirePower” firewall. A list of suspicious services has also been published by CISCO to warn the users of FirePower Firewall. There is a list of malicious services. If any network engineer found any of these services running on the network, then he have to update the firewall.

 

Also read: Hackers are targeting Web Servers with “KimcilWare Ransomware”!

 

1.FirePower 8000 Series products

2.AMP (Advanced Malware Protection) for Networks, 8000 Series products

3.ASA (Adaptive Security Appliance) 5500-X-Series with Firepower Services.

4.FirePower 8000 Series Products.

5.AMP (Advanced malware Protection) for network, 7000 Series Products.

There is another way to find this vulnerability. Users can check the settings of firewall. Users can go into policies of firewall, then into access control and then Malware and File. If the rules are set to Block Malware, Detect Files and Block Files, then network is vulnerable.

 

Reyes Salcedo I'm concern about these hacker's picking on you as if they're not human only zombie's, éxçépt no matter what this new technology bring advanced knowledge someone sick enough alwayys what's our technology iñ their possession tó attack human civilized people trying hard tó Make it through life's complications , technology has gone viral into the next generatio offense but try tó get away with get sway with murder who the nerve willing to molest yóur privacy,& haunt your free~spirit.

Apr 10, 2016

Leave a Reply

Name
Email id
Contact No
Comment

See more of Cyber Intelligence by logging in.
Connect with cyber security experts,Discover job opportunities,Online Training, Information Security Advisory and lot more.