Latest in Gear

Image credit:

CNN: FBI is investigating the Juniper Networks security hole

Juniper Networks equipment is used by the DoD, FBI and Treasury Department.
358 Shares
Share
Tweet
Share

Sponsored Links

Yesterday's news of "unauthorized code" that could enable untraceable backdoor access to VPN traffic on certain Juniper Networks firewalls is now being investigated by the FBI. That news comes from CNN, which said that a US government official described the vulnerability as "stealing a master key to get into any government building." There's no word yet on which government agencies or private companies may have been using the specific ScreenOS-powered devices affected, but that's what the Department of Homeland Security is now trying to find out.

The biggest question, of course, is how the code got into Juniper's software at all, and if it has ever been used. If someone knew about them, they'd not only be able to decrpyt VPN traffic on a particular network, but they could also scrub any log entry that would otherwise note the unauthorized access. It's also affecting discussions where some government officials insist on backdoor access to secure networks and services for law enforcement, even though security experts insist that inserting such vulnerabilities actually weakens security for everyone. For its part, Juniper Networks has already released patches closing the security holes, as well as an unrelated issue that could leave its firewalls open to DoS attacks, which you can find out more about here.

[Image credit: Simon Dawson/Bloomberg via Getty Images]

Source: CNN
Coverage: US-CERT, Wired
All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
358 Shares
Share
Tweet
Share

Popular on Engadget

Qualcomm promises 5G 'with fewer hurdles' on its latest modem

Qualcomm promises 5G 'with fewer hurdles' on its latest modem

View
TCL's leaked prototype phone features a slide-out display

TCL's leaked prototype phone features a slide-out display

View
Extortionists threaten sites with bad traffic to make Google ban ads

Extortionists threaten sites with bad traffic to make Google ban ads

View
LG brings a 48-megapixel camera to its budget K-series smartphone

LG brings a 48-megapixel camera to its budget K-series smartphone

View
Cadillac will unveil its first all-electric vehicle in April

Cadillac will unveil its first all-electric vehicle in April

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr