Backdoor account discovered in over 100,000 Zyxel firewalls
More than 100,000 Zyxel firewalls, VPN gateways and access point controllers have been affected by a major security vulnerability. A username and password (zyfwp / PrOw!aN_fXp) were visible in one of the software binaries allowing hackers access. This type of vulnerability represents a serious vulnerability for the owners of this firewall. A hacker could, for example, "change the firewall settings to allow or block certain traffic or intercept traffic or create VPN accounts to access the network behind the device," explained Niels Teusink, security researcher at Eye Control in a post on ZDNet.
Cyber security priorities
The Taiwanese vendor has officially announced the vulnerability (on behalf of CVE-2020-29583) in a public advisory and patches to apply to fix the problem are already available. This type of vulnerability reminds us of the importance of having, at a minimum, a well-established cyber security plan and priorities. The importance of applying the necessary corrective measures as soon as possible, and allocating time and money to them as needed. It is also important to have in-house security team or a Managed Detection and Response service in place to stay on the lookout for security problems and to intervene as quickly as possible when necessary.
To read the full article, click here
Find Out How Our Monitored Detection and Response (MDR) Service can Protect Your Network
We’re convinced that after seeing our MDR solution (powered by our CDS network monitoring technology) in action, you won’t want to leave your network unprotected again. So we are offering a 30-day free trial that includes:
- Fact-finding session
- CDS configuration
- 30-day free Proof of Concept
- First month activity report and recommendations
Email: Freetrial@streamscan.ai
Phone: 1 877-208-9040