An updated slipstream technique spells danger for vulnerable firewalls.
Security researchers at Armis enhanced the old 2020 attack by leveraging protocols that evade port blocks. Previously, the initial attack could have been triggered by malicious JavaScript code that first found the IP address of the victim's computer and then tried to initiate a SIP video-conference session. This way, every connected device on the target's network got exposed to the internet.
Researchers warned last year that protocols like WebRTC TURN could be used for attacks, and they managed to prove it with NAT Slipstream v2.
“The new variant to the NAT Slipstreaming attack is comprised of two primitives, the first explores the H.323 ALG, and the second expands the attack surface of the various NAT ALGs reachable from a browser, by abusing the WebRTC TURN server API via JavaScript,”
Ben Seri and Gregory Vishnepolsky, threat researchers at Armis
On a positive note, researchers disclosed the vulnerability to browser vendors back in November 2020, and most major browsers have been patched.
A demonstration of the attack can be found in the video below.
Check the source.