/>
X

Critical BlackBerry exploit to be released Aug 14

If you're BlackBerry Enterprise Server isn't in "positioned" in a network DMZ, perhaps now is a good time to move it.  According to a report by eWeek's Matt Hines, on Aug 14, security researchers will be releasing the code to an exploit that leverages a BlackBerry's capability to securely connect or "tunnel into" a corporate network.
zd-defaultauthor-david-berlind.jpg
Written by David Berlind, Inactive on

If you're BlackBerry Enterprise Server isn't in "positioned" in a network DMZ, perhaps now is a good time to move it.  According to a report by eWeek's Matt Hines, on Aug 14, security researchers will be releasing the code to an exploit that leverages a BlackBerry's capability to securely connect or "tunnel into" a corporate network.  The hack essentially turns BlackBerry into end-run devices that circumvent the security that would normally stop illicit connections.  Reports Hines:

According to a warning released by network security applications and device provider Secure Computing, organizations with their BlackBerry servers installed behind their gateway intrusion detection boxes could be compromised when researcher Jesse D'Aguanno, a consultant with risk management experts Praetorian Global, of Placerville, Calif., releases his code the week of Aug. 14....In his presentation at Defcon, D'Aguanno highlighted the ability of a hacking program dubbed BBProxy to be installed on a BlackBerry device or sent as an e-mail attachment to an unsuspecting user. Once installed, the attack opens a covert communications channel with the RIM servers by bypassing gateway security controls...Because the communications between the devices are encrypted, network defenses will not find or shut down the tunnel....

Apparently, BlackBerry manufacturer Research in Motion has some suggested fixes but security researchers warning that RIM's suggestions may not go far enough.

Related

This is the ultimate security key. Here's why you need one
Yubikey 5C NFC

This is the ultimate security key. Here's why you need one

Security
He flew American Airlines, she flew United. For both, the unthinkable happened
screen-shot-2022-06-30-at-10-14-36-am.png

He flew American Airlines, she flew United. For both, the unthinkable happened

Business
CERN is firing up its Large Hadron Collider at record energy levels, in search of dark matter
cern-photo-202011-145-2.jpg

CERN is firing up its Large Hadron Collider at record energy levels, in search of dark matter

Innovation