Firewall, Firmware, Information Security and Internet

Sophos backports fix for CVE-2022-3236 for EOL firewall firmware versions due to ongoing attacks

Security Affairs

DECEMBER 13, 2023

Sophos backports the patch for CVE-2022-3236 for end-of-life (EOL) firewall firmware versions due to ongoing attacks exploiting the issue. The security firm reported that this vulnerability is being used in attacks against a small set of specific organizations, primarily in South Asia. reads the advisory. “A MR5 (18.5.5), v19.0

Firmware

Firmware Firewall Internet Internet

Over 178,000 SonicWall next-generation firewalls (NGFW) online exposed to hack

Security Affairs

JANUARY 15, 2024

Researchers from Bishop Fox found over 178,000 SonicWall next-generation firewalls (NGFW) publicly exploitable. Researchers from Bishop Fox used BinaryEdge source data to find SonicWall firewalls with management interfaces exposed to the internet.

Firewall

Firewall Hacking Firmware Internet

Widespread exploitation by botnet operators of Zyxel firewall flaw

Security Affairs

JUNE 1, 2023

Threat actors are actively exploiting a command injection flaw, tracked as CVE-2023-28771, in Zyxel firewalls to install malware. Threat actors are actively attempting to exploit a command injection vulnerability, tracked as CVE-2023-28771 , that impacts Zyxel firewalls. in its firewall devices. USG FLEX ZLD V4.60 VPN ZLD V4.60

Firewall

Firewall Firmware VPN DDOS

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Expert found a secret backdoor in Zyxel firewall and VPN

Security Affairs

JANUARY 1, 2021

Zyxel addressed a critical flaw in its firmware, tracked as CVE-2020-29583 , related to the presence of a hardcoded undocumented secret account. The Taiwanese vendor Zyxel has addressed a critical vulnerability in its firmware related to the presence of a hardcoded undocumented secret account. “Firmware version 4.60

Firewall

Firewall VPN Firmware Passwords

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

Security Affairs

JULY 3, 2023

Researchers reported that there are 490,000 Fortinet firewalls exposing SSL VPN interfaces on the internet, and roughly 69% of them are still vulnerable to CVE-2023-27997. For this reason, if the customer has SSL-VPN enabled, Fortinet is advising customers to take immediate action to upgrade to the most recent firmware release.

Firewall

Firewall VPN Firmware Internet

Zyxel fixed firewall unauthenticated remote command injection issue

Security Affairs

MAY 13, 2022

Zyxel addressed a critical flaw affecting Zyxel firewall devices that allows unauthenticated, remote attackers to gain arbitrary code execution. Zyxel has moved to address a critical security vulnerability (CVE-2022-30525, CVSS score: 9.8) If possible, enable automatic firmware updates. Commands are executed as the nobody user.”

Firewall

Firewall Firmware VPN Wireless

CISA adds CVE-2022-30525 flaw in Zyxel Firewalls to its Known Exploited Vulnerabilities Catalog

Security Affairs

MAY 17, 2022

US Critical Infrastructure Security Agency (CISA) adds critical CVE-2022-30525 RCE flaw in Zyxel Firewalls to its Known Exploited Vulnerabilities Catalog. affecting Zyxel firewall devices that enables unauthenticated and remote attackers to gain arbitrary code execution as the “nobody” user. reads the report published by Rapid7.

Firewall

Firewall VPN Firmware Internet

Attacks against Denmark ‘s energy sector were not carried out by Russia-linked APT

Security Affairs

JANUARY 14, 2024

The attackers exploited zero-day vulnerabilities in Zyxel firewalls used by many critical infrastructure operators in Denmark. On April 25, 2023, Zyxel disclosed a critical vulnerability (CVSS score 9.8), tracked as CVE-2023-28771 , in a number of their firewalls. through 4.73, VPN series firmware versions 4.60 through 5.35.

Firewall

Firewall Firmware Cyber Attacks VPN

Danish critical infrastructure hit by the largest cyber attack in Denmark’s history

Security Affairs

NOVEMBER 14, 2023

The attackers exploited zero-day vulnerabilities in Zyxel firewalls used by many critical infrastructure operators in Denmark. On April 25, 2023, Zyxel disclosed a critical vulnerability (CVSS score 9.8), tracked as CVE-2023-28771 , in a number of their firewalls. through 4.73, VPN series firmware versions 4.60 through 5.35.

Cyber Attacks

Cyber Attacks Firmware Firewall VPN

Multiple DDoS botnets were observed targeting Zyxel devices

Security Affairs

JULY 22, 2023

Fortinet FortiGuard Labs researchers warned of multiple DDoS botnets exploiting a vulnerability impacting multiple Zyxel firewalls. The cause of the vulnerability is the improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35. through 5.35.

DDOS

DDOS Firmware VPN Firewall

Recently disclosed CVE-2020-29583 Zyxel flaw already under opportunistic attack

Security Affairs

JANUARY 6, 2021

The Taiwanese vendor Zyxel has recently addressed a critical vulnerability in its firmware, tracked as CVE-2020-29583 , related to the presence of a hardcoded undocumented secret account. Firmware version 4.60 The password for this account can be found in cleartext in the firmware.” reads the advisory published by NIST.

Firmware

Firmware Passwords Accountability VPN

DoS attack the caused disruption at US power utility exploited a known flaw

Security Affairs

SEPTEMBER 9, 2019

A DoS attack that caused disruptions at a power utility in the United States exploited a flaw in a firewall used in the facility. The incident took place earlier this year, threat actors exploited a known vulnerability in a firewall used by the affected facility to cause disruption. and 7 p.m., power grid ( Energywire , April 30).

Energy and Utilities

Energy and Utilities Firewall Firmware Advertising

79 Netgear router models affected by a dangerous Zero-day

Security Affairs

JUNE 18, 2020

79 Netgear router models are vulnerable to a severe unpatched security vulnerability that can be exploited by remote attackers to take over devices. A whopping 79 Netgear router models are vulnerable to a severe security flaw that can let hackers take over devices remotely. ” reads the analysis published by GRIMM.

Firmware

Firmware Internet Internet Advertising

A critical flaw in industrial automation systems opens to remote hack

Security Affairs

NOVEMBER 29, 2020

.” Experts used the search engines for Internet-connected devices, like Shodan.io, to search for ENIP-compatible internet-facing devices and discovered more than 8,000 systems exposed online. Experts was that vendors may have bought vulnerable versions of this stack before the 2012 update and are still using it in their firmware.

Hacking

Hacking Firmware Internet Internet

Dovecat crypto-miner is targeting QNAP NAS devices

Security Affairs

JANUARY 21, 2021

” reads the security advisory published by the vendor. “According to analysis, QNAP NAS can become infected when they are connected to the Internet with weak user passwords.” Install Security Counselor and run with Intermediate Security Policy (or above). Install a firewall.

Cryptocurrency

Cryptocurrency Firmware Malware Passwords

New Ttint IoT botnet exploits two zero-days in Tenda routers

Security Affairs

OCTOBER 5, 2020

Unlike other IoT DDoS botnets, Ttint implements 12 remote access functions such as Socket5 proxy for router devices, tampering with router firewall and DNS settings, executing remote custom system commands. According to the experts, Tenda routers running a firmware version between AC9 to AC18 are vulnerable to the attack.

IoT

IoT Firmware DNS Advertising

China-linked APT likely linked to Fortinet zero-day attacks

Security Affairs

MARCH 17, 2023

The devices halted displaying the following error message: “System enters error-mode due to FIPS error: Firmware Integrity self-test failed” The failure of the integrity test blocks the reboot of the device to protect the integrity of the network. ” reads the report published by Mandiant.

Firewall

Firewall Manufacturing Government Firmware

SonicWall finally fixed a flaw resulting from a partially patched 2020 zero-day

Security Affairs

JUNE 23, 2021

“A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall. This flaw exists pre-authentication and within a component (SSLVPN) which is typically exposed to the public Internet.”. 6.5.1.12, 6.0.5.3,

VPN

VPN Firewall Firmware Authentication

Juniper Networks addressed many issues in its products

Security Affairs

JULY 10, 2020

Juniper Networks addressed several vulnerabilities in its firewalls, most of them can be exploited by attackers for denial-of-service (DoS) attacks. The company published a list of security advisories to inform its customers of the vulnerabilities in its products.

Firmware

Firmware Advertising Firewall Internet

10 Behaviors That Will Reduce Your Risk Online

Daniel Miessler

MAY 14, 2020

I wrote an article recently on how to secure your home network in three different tiers of protection. In that piece I wanted to link to some safe internet practices—which some used to call Safe Hex—but I couldn’t find anything newer than nine years old. Keep your firmware and software updated.

Risk

Risk Password Management Passwords Accountability

Vulnerability Management Policy Template

eSecurity Planet

MAY 12, 2023

For example, a vulnerability in a wi-fi router firewall configuration may expose Windows 95 machines required to run manufacturing equipment. Common mitigations include, but are not limited to: Deploy mitigating security control such as a new security tool (Firewall, etc.)

Penetration Testing

Penetration Testing Risk Firmware Software

Cloud Security: The Shared Responsibility Model

eSecurity Planet

OCTOBER 20, 2022

Drivers, Firmware, Software : Cloud providers bear responsibility to secure, test, and update the software and code that supports the firmware and the basic software infrastructure of the cloud. Network, firewall, and web application firewall (WAF) hardening. Network, API, firewall, and WAF hardening.

Backups

Backups Firewall Encryption Software

CISA is warning of vulnerabilities in GE Power Management Devices

Security Affairs

MARCH 23, 2021

The vendor released security updates for all these devices and urges customers to update their installs, it also released mitigations to address the flaws. “GE strongly recommends users with impacted firmware versions update their UR devices to UR firmware Version 8.10, or greater to resolve these vulnerabilities.

Firmware

Firmware VPN Firewall Risk

US dismantled the Russia-linked Cyclops Blink botnet

Security Affairs

APRIL 6, 2022

. “The Justice Department today announced a court-authorized operation, conducted in March 2022, to disrupt a two-tiered global botnet of thousands of infected network hardware devices under the control of a threat actor known to security researchers as Sandworm, which the U.S. ” reads the press release published by DoJ.

Malware

Malware Government Firmware Firewall

Daixin Team targets health organizations with ransomware, US agencies warn

Security Affairs

OCTOBER 22, 2022

Below are the mitigations provided in the alert: Install updates for operating systems, software, and firmware as soon as they are released. Implement and enforce multi-layer network segmentation with the most critical communications and data resting on the most secure and reliable layer.

Ransomware

Ransomware VPN Cybercrime Accountability

Cyber Security Roundup for June 2021

Security Boulevard

JUNE 1, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, May 2021. The UK National Cyber Security Centre (NCSC) published its Smart Cities (connected places) guidance for UK local authorities. Cyber Security: Data ‘Re’-Assurance.

Ransomware

Ransomware Passwords Scams Cyber Attacks

CryptoAgility to take advantage of Quantum Computing

Thales Cloud Protection & Licensing

MAY 4, 2021

The same goes with the advent of Quantum Computing , which is supposed to bring exponential computing power that shall not only bring endless benefits but also raises question marks on the current state of cryptography that is the bedrock of all information security as we know today. Data Firewall. Data security.

Computers and Electronics

Computers and Electronics Banking IoT Risk

Silex malware bricks thousands of IoT devices in a few hours

Security Affairs

JUNE 26, 2019

Cashdollar explained that the Silex malware trashes the storage of the infected devices, drops firewall rules and wipe network configurations before halting the system. The only way to recover infected devices is to manually reinstall the device’s firmware. pic.twitter.com/Ue661ku0fy — Larry W. ” reported ZDnet.

IoT

IoT Malware Advertising Firmware

CISA warns of critical flaws in Prima FlexAir access control system

Security Affairs

JULY 31, 2019

The attacker could then download the database and disclose login information, then use it to gain full access to the system. “To update to the latest firmware, each user should select the “Check for Upgrade” option in the “Centrals” menu in the GUI. ” concludes the CISA advisory.

Backups

Backups Authentication Advertising Firmware

GUEST ESSAY: The story behind how DataTribe is helping to seed ‘Cybersecurity Valley’ in Maryland

The Last Watchdog

JUNE 4, 2019

Maryland was one of the very first states to recognize the importance of information security, not only as a critical issue for the nation, but also as a strategic industry for the state,” said Governor Larry Hogan. Also disrupting new technology categories are BlueRidge AI and Refirm Labs.

Cybersecurity

Cybersecurity Computers and Electronics Technology Marketing

Cyber Security Informer

Sophos backports fix for CVE-2022-3236 for EOL firewall firmware versions due to ongoing attacks

Over 178,000 SonicWall next-generation firewalls (NGFW) online exposed to hack

Webinars

Trending Sources

Widespread exploitation by botnet operators of Zyxel firewall flaw

Webinars

Expert found a secret backdoor in Zyxel firewall and VPN

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

Zyxel fixed firewall unauthenticated remote command injection issue

CISA adds CVE-2022-30525 flaw in Zyxel Firewalls to its Known Exploited Vulnerabilities Catalog

Attacks against Denmark ‘s energy sector were not carried out by Russia-linked APT

Danish critical infrastructure hit by the largest cyber attack in Denmark’s history

Multiple DDoS botnets were observed targeting Zyxel devices

Recently disclosed CVE-2020-29583 Zyxel flaw already under opportunistic attack

DoS attack the caused disruption at US power utility exploited a known flaw

79 Netgear router models affected by a dangerous Zero-day

A critical flaw in industrial automation systems opens to remote hack

Dovecat crypto-miner is targeting QNAP NAS devices

New Ttint IoT botnet exploits two zero-days in Tenda routers

China-linked APT likely linked to Fortinet zero-day attacks

SonicWall finally fixed a flaw resulting from a partially patched 2020 zero-day

Juniper Networks addressed many issues in its products

10 Behaviors That Will Reduce Your Risk Online

Vulnerability Management Policy Template

Cloud Security: The Shared Responsibility Model

CISA is warning of vulnerabilities in GE Power Management Devices

US dismantled the Russia-linked Cyclops Blink botnet

Daixin Team targets health organizations with ransomware, US agencies warn

Cyber Security Roundup for June 2021

CryptoAgility to take advantage of Quantum Computing

Silex malware bricks thousands of IoT devices in a few hours

CISA warns of critical flaws in Prima FlexAir access control system

GUEST ESSAY: The story behind how DataTribe is helping to seed ‘Cybersecurity Valley’ in Maryland

Stay Connected