Attackers using a feature common to many firewalls, switches and other networking gear could silently hijack Web sessions on mobile and desktop devices, according to a research paper presented by two Ph.D students from the University of Michigan. Their findings could have big implications for networking equipment and firewall vendors such as Cisco Systems, Juniper Networks and Check Point. The researchers presented their findings at the IEEE Security And Privacy Conference in San Francisco, California on Tuesday and in a paper Off-Path TCP Sequence Number Inference Attack: How Firewall Middleboxes Reduce Security
Source: https://threatpost.com/common-firewall-feature-enables-tcp-hijacking-attacks-052312/76600/