Attackers can run network tunnels via TCP SYN packets
Security researchers have uncovered a way to beat enterprise-grade firewalls and siphon data out of corporate networks via TCP handshakes.
The vulnerability, codenamed FireStorm, was discovered in a joint investigation by BugSec Group and Cynet. According to the researchers, the vulnerability resides in how enterprise firewalls treat TCP connections.
http://i1-news.softpedia-static.com/images/fitted/620x/firestorm-vulnerability-leaves-next-gen-enterprise-firewalls-open-to-attacks-497481-3.jpg
Full Article