array(4) { [0]=> array(13) { ["rid"]=> int(3) ["title"]=> string(71) "Protect Your Network from the SSL v3.0 "POODLE" Vulverability" ["image"]=> string(32) "/img/uploads/banner_AntiSpam.jpg" ["synopsis"]=> string(204) "A new vulnerability announced in October regards the Secure Sockets Layer version 3 (SSL v3.0) protocol when using a block cipher in Cipher Block Chaining (CBC) mode, identified in advisory CVE-2014-3566." ["response"]=> string(430) "

A new vulnerability announced in October regards the Secure Sockets Layer version 3 (SSL v3.0) protocol when using a block cipher in Cipher Block Chaining (CBC) mode, identified in advisory CVE-2014-3566. ZyXEL Communications is aware of this POODLE (Padding Oracle On Downgraded Legacy Encryption) vulnerability and offers solutions to protect your network from this new threat with our diverse range of Security products.

" ["cats"]=> string(42) "a:3:{i:0;s:1:"1";i:1;s:1:"4";i:2;s:1:"5";}" ["tags"]=> string(6) "a:0:{}" ["status"]=> string(9) "published" ["updated"]=> int(1494952719) ["views"]=> int(0) ["author"]=> int(11) ["in_main"]=> int(1) ["hits"]=> int(193) } [1]=> array(13) { ["rid"]=> int(14) ["title"]=> string(40) "Zyxel advisory for the BlackNurse attack" ["image"]=> string(50) "http://onesecurity.zyxel.com/img/uploads/table.png" ["synopsis"]=> string(490) "A recently publicized “BlackNurse” attack, which sends a low volume of ICMP (Internet Control Message Protocol) Type 3 Code 3 requests to targets, could overload the target’s host CPU, slow down the target’s response, and result in denial of service (DoS). The attack targets firewalls and other network equipment of various brands. However, the attack has not been classified as a security vulnerability because no CVE identifiers or other vulnerability numbers have been assigned." ["response"]=> string(943) "

A recently publicized “BlackNurse” attack, which sends a low volume of ICMP (Internet Control Message Protocol) Type 3 Code 3 requests to targets, could overload the target’s host CPU, slow down the target’s response, and result in denial of service (DoS). The attack targets firewalls and other network equipment of various brands. However, the attack has not been classified as a security vulnerability because no CVE identifiers or other vulnerability numbers have been assigned.

Is my Zyxel product at risk?

The disclosure suggested two Zyxel products are affected, as listed in Table 1. Zyxel is aware of the attack and will provide patches to strengthen security and guard customers against the threats.

Please contact your local service or sales representatives if you require any further assistance. To report security vulnerabilities, contact: security@zyxel.com.tw

" ["cats"]=> string(30) "a:2:{i:0;s:1:"4";i:1;s:1:"5";}" ["tags"]=> string(2) "N;" ["status"]=> string(9) "published" ["updated"]=> int(1498852185) ["views"]=> int(0) ["author"]=> int(11) ["in_main"]=> int(1) ["hits"]=> int(193) } [2]=> array(13) { ["rid"]=> int(15) ["title"]=> string(33) "Guard against WannaCry ransomware" ["image"]=> string(0) "" ["synopsis"]=> string(482) "A recent ransomware attack, known as WannaCry, is affecting a large number of businesses and organizations worldwide. Targeting unpatched Microsoft Windows operating systems, the malware exploits a flaw in Remote Desktop Protocol (RDP) or Windows Server Message Block (SMB) Protocol to lock users out of their systems until ransoms are paid.nnAn immediate action recommended is to apply the Microsoft MS17-010 patch on the unpatched Microsoft systems to close off the vulnerability." ["response"]=> string(1795) "

A recent ransomware attack, known as WannaCry, is affecting a large number of businesses and organizations worldwide. Targeting unpatched Microsoft Windows operating systems, the malware exploits a flaw in Remote Desktop Protocol (RDP) or Windows Server Message Block (SMB) Protocol to lock users out of their systems until ransoms are paid.

An immediate action recommended is to apply the Microsoft MS17-010 patch on the unpatched Microsoft systems to close off the vulnerability.

If you are a Zyxel ZyWALL firewall user and are using the Anti-Virus and Intrusion Detection and Prevention (IDP) services, there’s more you can do:

1. Use Anti-Virus to detect and block the malware

Gateway Anti-Virus catches malware at its first point of entry, preventing it from spreading across the internal network. Make sure your Anti-Virus signature is running on version 2.0.1.632 or above, and install the daily signature updates to protect yourselves from any of its variants.

2. Turn on your IDP service to prevent abnormal behaviors

When someone attempts to make use of the Microsoft MS17-010 exploit to start the attack, the IDP service is in place to prevent it from happening.

If your USG/ZyWALL device is running on firmware version ZLD 4.25, make sure your IDP signature is updated to version 3.2.4.051 or above.

For those with USG/ZyWALL firmware ZLD 4.20 or earlier, please update to IDP signature version 3.1.4.255 for the most up-to-date protection.

Fighting malware is a never-ending battle. Find out more tips here to defend your data from ransomware attacks.

Please contact your local service representatives if you require further information or assistance.

 

" ["cats"]=> string(30) "a:2:{i:0;s:1:"4";i:1;s:1:"5";}" ["tags"]=> string(2) "N;" ["status"]=> string(9) "published" ["updated"]=> int(1498852154) ["views"]=> int(0) ["author"]=> int(11) ["in_main"]=> int(1) ["hits"]=> int(193) } [3]=> array(13) { ["rid"]=> int(17) ["title"]=> string(30) "Guard against Petya ransomware" ["image"]=> string(0) "" ["synopsis"]=> string(343) "A recent variant of Petya ransomware, known as “ExPetr” or “NotPetya” or “GoldenEye”, is spreading rapidly across the world this week. Similar to the earlier WannaCry malware, the recent attack utilizes the EternalBlue exploit against the MS17-010 vulnerability to attack unpatched Microsoft Windows-based workstations and servers." ["response"]=> string(2361) "

A recent variant of Petya ransomware, known as “ExPetr” or “NotPetya” or “GoldenEye”, is spreading rapidly across the world this week. Similar to the earlier WannaCry malware, the recent attack utilizes the EternalBlue exploit against the MS17-010 vulnerability to attack unpatched Microsoft Windows-based workstations and servers.

If you’re a Zyxel ZyWALL USG user and are using Anti-Virus and Intrusion Detection and Prevention (IDP) services, please follow the steps below to guard against the attacks:

  1. Apply the Microsoft MS17-010 patch on your Microsoft systems, if you haven’t done yet

  2. Enable the Intrusion Detection and Prevention (IDP) service

    When someone attempts to make use of the Microsoft MS17-010 exploit to start the attack, the IDP service is in place to prevent it from happening. If your ZyWALL USG device is running on firmware version ZLD 4.25, make sure your IDP signature is updated to version 3.2.4.055or above. For those with ZyWALL USG firmware ZLD 4.20 or earlier, please update to IDP signature version 3.1.4.267 or above.

  3. Enable the Anti-Virus/Anti-Malware service

    Gateway Anti-Virus catches malware at its first point of entry, preventing it from spreading across the internal network. Make sure your Anti-Virus signature is updated to version 2.0.1.678 or above.

Fighting malware is a never-ending battle. Find out more tips here to defend your data from ransomware attacks. Please contact your local service representatives if you require further information or assistance. 

" ["cats"]=> string(2) "N;" ["tags"]=> string(2) "N;" ["status"]=> string(9) "published" ["updated"]=> int(1498848009) ["views"]=> int(0) ["author"]=> int(11) ["in_main"]=> int(1) ["hits"]=> int(193) } }