AI-powered cyber defense service protects against phishing attacks for businesses on unlimited handset plans.
Related Posts
BGP Error Handling Flaw Leads to Prolonged Network Outage
BGP Error Handling Flaw Leads to Prolonged Network Outage
BGP is the backbone protocol and the internet’s “glue,” which directs the routing decisions between ISP networks to hold the internet under a set.
In short, this protocol, BGP, is completely an essential element necessary for the internet’s proper functionality.
Edge device software implementing BGP isn’t perfect, with both commercial and open-source versions showing issues in this crucial routing protocol.
While many flaws are minor and related to routing issues, a concerning BGP bug can propagate like a computer worm.
The owner of BGP[.]Tools, Ben Cartwright-Cox found this flaw; It’s a company that offers BGP monitoring services for issue detection and resolution.
Mistaken Attribute
A small Brazilian network reannounced a route with a corrupted attribute on June 2, 2023, potentially affecting the intermediate routers.
Many routers ignored the attribute, but Juniper routers understood, and the error response shut BGP sessions, impacting internet connectivity for distant networks.
Besides this, the BGP errors suspend the session, pausing customer traffic until auto-restart is done, which usually takes seconds to minutes.
This affected multiple carriers, like COLT, whose outage brought attention to the issue.
BGP Error Handling Flaw
Each route attribute begins with flags, including the crucial ‘transitive bit’:-
If an attribute’s transitive bit is set and a router doesn’t understand it, it copies to another router, potentially causing blind propagation of unknown information.
BGP shutdowns disrupt traffic and can propagate like a worm. While the attributes unknown to one implementation might cause another to shut down, the crafted BGP UPDATE could target a vendor and pull a network offline.
This attack remains, as the malicious route stays in the peer router; even after a restart, it triggers another reset when transmitted which leads to prolonged outages.
Moreover, to test whether various BGP implementations are impacted or not, the security analyst developed a basic fuzzer.
Unimpacted Vendors
Here below, we have mentioned all the vendors that have not been impacted:-
MikroTik RouterOS 7+
Ubiquiti EdgeOS
Arista EOS
Huawei NE40
Cisco IOS-XE / “Classic” / XR
Bird 1.6, All versions of Bird 2.0
GoBGP
Impacted vendors
Here below, we have mentioned all the impacted vendors:-
Juniper Networks Junos OS
Nokia’s SR-OS
Extreme Networks’ EXOS
OpenBSD’s OpenBGPd
OpenBSD’s FRRouting
Reporting & Responses
These findings were reported to all the impacted vendors by Cartwright-Cox. After being notified, the following responses were observed from the impacted vendors:-
OpenBSD issued a patch
Juniper assigned CVEs
FRR also assigned CVEs
Nokia hasn’t addressed the problem
Extreme also hasn’t addressed the problem
Apart from this, despite the vendor silence, organizations can take mitigatory steps to prevent potential exploitation.
Keep informed about the latest Cyber Security News by following us on Google News, Linkedin, Twitter, and Facebook.
The post BGP Error Handling Flaw Leads to Prolonged Network Outage appeared first on Cyber Security News.
Cyber Security News
Tor Browser 13.5.6 Released – What’s New!
Tor Browser 13.5.6 Released – What’s New!
The Tor Browser 13.5.6 has been released with crucial security updates for Firefox and several enhancements and bug fixes across all platforms.
Notably, NoScript has been updated to version 11.4.40, and issues such as download spam prevention affecting browser extensions have been resolved (bug tor-browser#42832).
Bug Fixes:
tor-browser#42832: Resolved an issue where download spam prevention was affecting browser extensions.
tor-browser#43167: Rebasing of Tor Browser Stable onto Firefox 115.16.0esr.
tor-browser#43173: Backported security fixes from Firefox version 131.
For Windows, macOS, and Linux users, Firefox has been updated to 115.16.0esr, with additional fixes like removing the hash check on updates (bug tor-browser#42737) and implementing the YEC 2024 Takeover for Desktop Stable (bug tor-browser#43098).
Windows and macOS users benefit from continued support for older systems, including Windows 7/8 and macOS versions 10.12-10.14 (bug tor-browser#42747).
Android users will see an update to GeckoView 115.16.0esr and the YEC 2024 Takeover for Android Stable (bug tor-browser#43099).
The Tor Project encourages users to provide feedback on the new release. Whether reporting bugs or suggesting improvements, user input is vital for continuously enhancing the browser.
The development team is committed to addressing user concerns and incorporating valuable suggestions into future updates.
The full changelog for Tor Browser 13.5.6 is available for those interested in a detailed breakdown of all changes and fixes. Users are advised to update their browsers promptly for the latest security enhancements and features.
Tor Browser 13.5.2 is now available from the Tor Browser download page and also from the distribution directory.
Analyse Any Suspicious Links Using ANY.RUN’s New Safe Browsing Tool: Try for Free
The post Tor Browser 13.5.6 Released – What’s New! appeared first on Cyber Security News.
Port disruption and a discussion of maritime and OT.
Port disruption and a discussion of maritime and OT.
A cyber incident disrupts Australian ports. Sandworm and Ukraine’s power grid: 2022 attacks. Department of Energy hosts simulated cyberattack competition. CISA, FEMA, and Shields Ready. Cyber and electronic threats to space systems. Four cyber phases of a hybrid war. Guest Austin Reid of ABS Group discusses cyber risk and threats to Maritime Transportation Systems (MTS). On the Learning Lab, catch an encore of Dragos CEO Robert M. Lee and Mark Urban about the five critical controls for ICS. Read More
The CyberWire