You may not know exactly what Juniper does, but you may have already used them productτα της για να σερφάρετε στο διαδίκτυο εν αγνοία σας.
Juniper manufactures network hardware (σαν τη Cisco) και χρησιμοποιείται από υποδομές εταιρειών σε όλο τον κόσμο.
The company admitted today (source TNW) that at some point in the past, he found out malicious code in its ScreenOS firmware is used by NetScreen devices. The malicious code could allow a hacker or government agency to gain administrative access to devices, as well as decrypt VPN connections.
NetScreen was acquired by Juniper as 2004, as it seemed to enhance networking and security. Many of the company's products control data packets, such as network traffic for detecting malicious intent before it reaches end users.
So even if Juniper is trying to downplay the fact, things are very serious.
The fact that the company states that it does not know - or does not admit that it knows - from whom the malicious code was added is a very serious cause for concern, as it may exist for years before it is detected.
Taking into account the NSA's spying programs, it is easy to link the attack with the FEEDTROUGH program to the service that targeted firewalls of the company.
The company has not yet made further statements but according to the article it published admits that "there is no way to detect that this vulnerability has been exploited" and that it could lead to a "complete breach" of the affected system.
The company has released a patch για την ευπάθεια σε συσκευές NetScreen. Όμως αφού δεν υπάρχει τρόπος ανίχνευσης της επίθεσης, ποιος μπορεί να γνωρίζει ότι το πρόβλημα επιδιορθώθηκε;