Top
Crypto flaw made it easy for attackers to snoop on Juniper customers

Crypto flaw made it easy for attackers to snoop on Juniper customers

July 15, 2016

Category:

As if people didn’t already have cause to distrust the security of Juniper products, the networking gear maker just disclosed a vulnerability that allowed attackers to eavesdrop on sensitive communications traveling through customers’ virtual private networks.

In an advisory posted Wednesday, Juniper officials said they just fixed a bug in the company’s Junos operating system that allowed adversaries to masquerade as trusted parties. The impersonation could be carried out by presenting a forged cryptographic certificate that was signed by the attacker rather than by a trusted certificate authority that normally vets the identity of the credential holder.

Read More on ArsTechnica