▾ G11 Media Network: | ChannelCity | ImpresaCity | SecurityOpenLab | GreenCity | Italian Channel Awards | Italian Project Awards | ...
InnovationOpenLab

BlastRADIUS Vulnerability Threatens Corporate Networks and Cloud – InkBridge Networks Guides Organizations Through the Fix

#AlanDeKok--The BlastRADIUS vulnerability announced July 9 by cybersecurity researchers involves the RADIUS protocol which underlies most network connections worldwide. When the researchers discovered...

Business Wire

OTTAWA, Ontario: #AlanDeKok--The BlastRADIUS vulnerability announced July 9 by cybersecurity researchers involves the RADIUS protocol which underlies most network connections worldwide. When the researchers discovered this critical vulnerability, their first call was to Alan DeKok, CEO of InkBridge Networks and the foremost expert on network authentication and RADIUS.

“The BlastRADIUS vulnerability has far-reaching implications. We believe that Internet service providers, businesses, and many cloud service providers are affected by this issue. Everyone who runs enterprise or ISP networks should be concerned,” explains DeKok.

The upgrade needed to resolve this exposure is specific to each vendor of RADIUS servers. DeKok and the team at InkBridge Networks have released a new version of FreeRADIUS to address this issue, which is available at https://inkbridgenetworks.com/blastradius.

The computer networks of most companies worldwide are exposed to the BlastRADIUS vulnerability. If this vulnerability is not corrected, unauthorized users could gain access to the network at the highest levels of authority. Organizations should act swiftly to resolve this threat.

“The problem is a design flaw in the RADIUS protocol, and is not limited to equipment from one vendor. In order to address this critical security issue, network technicians will have to install a firmware upgrade and reconfigure essentially every switch, router, GGSN, BNG, and VPN concentrator around the world,” says DeKok. “We expect to see a lot of talk and activity related to RADIUS security in the next few weeks.”

  • For businesses, universities, cloud service providers and Internet service providers using RADIUS, this issue must be addressed in order to secure network access.
  • For individuals using the Internet from home, this security vulnerability must be resolved by their Internet service provider.

The vulnerability affects systems using the RADIUS protocol, a communications procedure that underpins authenticated network access. When a user logs in to a local network using a username and password, likely the RADIUS protocol is involved in that information exchange. RADIUS servers are a foundation layer for securing corporate and ISP networks.

“You lock your office doors to protect business assets, but without RADIUS authenticated users, everyone has open access to your network, and no keys are required. Talk to your IT department, network admins, system administrators and security team about protecting your data,” says DeKok. “The discovery of the BlastRADIUS issue means that network technicians need to upgrade essentially all of the devices involved in network security, identity, and authentication.”

How to fix the BlastRADIUS vulnerability

  • We have released a new version of FreeRADIUS (https://freeradius.org) to address this issue. DeKok is one of the founders of the FreeRADIUS project, the leading RADIUS server, and the product behind most cloud identity companies.
  • Firmware updates to protect networking devices against the BlastRADIUS vulnerability are available from the vendor of your networking equipment.
  • DeKok and InkBridge Networks will host a webinar on Tuesday, July 9th 2024 at 9:00 AM (EDT) to discuss the implications and solutions to BlastRADIUS. Sign up here to attend or receive the recording.
  • A second webinar will be hosted later in the day Tuesday, July 9th 2024 at 14:00 (EDT). Sign up here to attend or receive the recording.
  • For background about the BlastRADIUS vulnerability and the solution, visit the BlastRADIUS information page here https://inkbridgenetworks.com/blastradius/faq.
  • InkBridge Networks offers documentation and an audit service that will assess a system’s exposure to BlastRADIUS and other network infrastructure issues. Review those options here: https://inkbridgenetworks.com/blastradius.

About InkBridge

InkBridge Networks engineers, supports, and installs foundational network solutions for authentication and network security. The core team at InkBridge Networks founded and continues to maintain the open-source FreeRADIUS Project, the world’s most popular RADIUS server, supporting 100s of millions of users every day.

Formerly known as Network RADIUS, the company has an international team of network access architects and engineers with decades of experience providing complex, low-risk network solutions, including RADIUS, DHCPv4, DHCPv6, TACACS+, and DNS. InkBridge Networks provides solutions engineering, support packages, consulting, and training optimized for mid-size to large enterprises, Internet service providers and universities. InkBridge products are used by OEM vendors as the basis for nearly all available RADIUS solutions.

Fonte: Business Wire

If you liked this article and want to stay up to date with news from InnovationOpenLab.com subscribe to ours Free newsletter.

Related news

Last News

Sparkle works on environmentally sustainable content distribution

The Italian company partners with MainStreaming for high-performance, energy-efficient video streaming

Fintech: Links tests the use of exponential technologies in the banking…

Links Management and Technology just concluded the testing phase of a research project focused on banking transformation

Axyon AI: Italian Artificial Intelligence for Finance applications

Axyon AI offers an AI platform specifically designed for asset management, with several interesting strengths for those approaching machine/deep learning…

Italian Artificial Intelligence tackles medical emergencies at sea

Mermaid-AI is a telehealth platform at sea based on a visor equipped with an AR, medical Artificial Intelligence algorithms, satellite communications…

Most read

Sparkle works on environmentally sustainable content distribution

The Italian company partners with MainStreaming for high-performance, energy-efficient video streaming

Biostate AI Launches Total RNA Sequencing and Free Data Analysis AI

Biostate AI, the scalable biodata foundry startup, emerges from stealth today with the launch of two service products: Total RNA sequencing and Copilot…

GlassHive Announces Integration with ConnectWise to Elevate the ConnectWise…

#businessautomation--GlassHive, a trailblazer in sales and marketing automation, has announced an integration with ConnectWise, a leading provider of…

ISG to Announce Second-Quarter Financial Results

$III #earnings--Information Services Group (ISG) (Nasdaq: III), a leading global technology research and advisory firm, said today it will release its…

Newsletter signup

Join our mailing list to get weekly updates delivered to your inbox.

Sign me up!