Loading...
Loading...
Browse all stories on DeepNewz
VisitCloudflare Discloses Critical BlastRADIUS Vulnerability in RADIUS Protocol Allowing MitM Attacks
Jul 9, 2024, 01:25 PM
Cloudflare and a team of researchers have disclosed a critical vulnerability in the RADIUS protocol, which is widely used to control administrative access to networking equipment. The vulnerability, known as BlastRADIUS, exploits the outdated use of the MD5 hash function, allowing attackers to perform Man-in-the-Middle (MitM) attacks by modifying Access-Request packets undetected and forcing user authentication. This flaw, which involves a novel chosen-prefix collision attack, can lead to unauthorized network access, compromised integrity checks, and forging authentication messages. Internet Service Providers (ISPs) and organizations are advised to update their RADIUS servers, use TLS/IPSec, and avoid PAP/CHAP methods to mitigate the risk.
View original story
Markets
No • 50%
Yes • 50%
Official announcements from organizations and news reports
Yes • 50%
No • 50%
Public security incident reports and news articles
No • 50%
Yes • 50%
Public announcements and technical reports from major ISPs
Comcast • 25%
Other • 25%
Verizon • 25%
AT&T • 25%
Official announcements from ISPs
Using TLS/IPSec • 25%
Other • 25%
Updating RADIUS servers • 25%
Avoiding PAP/CHAP methods • 25%
Surveys and reports from cybersecurity firms and organizations
Other • 25%
North America • 25%
Europe • 25%
Asia • 25%
Cybersecurity incident reports and news articles