2015, Firewall and Internet - Cyber Security Informer

MyBook Users Urged to Unplug Devices from Internet

Krebs on Security

JUNE 25, 2021

Hard drive giant Western Digital is urging users of its MyBook Live brand of network storage drives to disconnect them from the Internet, warning that malicious hackers are remotely wiping the drives using a critical flaw that can be triggered by anyone who knows the Internet address of an affected device.

Internet

Internet Internet Backups Small Business

Hackers exploit SQL injection zero-day issue in Sophos firewall

Security Affairs

APRIL 26, 2020

Cybersecurity firm Sophos releases an emergency patch to address an SQL injection flaw in its XG Firewall product that has been exploited in the wild. Cybersecurity firm Sophos has released an emergency patch to address an SQL injection zero-day vulnerability affecting its XG Firewall product that has been exploited in the wild.

Firewall

Firewall Passwords Accountability Advertising

The NSA is Refusing to Disclose its Policy on Backdooring Commercial Products

Schneier on Security

OCTOBER 28, 2020

At the end of 2015, the maker of internet switches disclosed that it had detected malicious code in some firewall products. Researchers later determined that hackers had turned the firewalls into their own spy tool here by altering Juniper’s version of Dual EC. Juniper said little about the incident.

Firewall

Firewall Surveillance Government Internet

Sophos fixed a critical vulnerability in Cyberoam firewalls

Security Affairs

OCTOBER 10, 2019

A vulnerability in Sophos Cyberoam firewalls could be exploited by an attacker to gain access to a target’s internal network without authentication. Sophos addressed a vulnerability in its Cyberoam firewalls that could be exploited by an attacker to gain access to a company’s internal network without providing a password.

Firewall

Firewall VPN Passwords Internet

Spying on satellite internet comms with a $300 listening station

Security Affairs

AUGUST 10, 2020

An attacker could use $300 worth of off-the-shelf equipment to eavesdrop and intercept signals from satellite internet communications. The academic researcher James Pavur, speaking at Black Hat 2020 hacking conference , explained that satellite internet communications are susceptible to eavesdropping and signal interception.

Internet

Internet Internet Advertising Encryption

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

Security Affairs

JULY 3, 2023

Researchers reported that there are 490,000 Fortinet firewalls exposing SSL VPN interfaces on the internet, and roughly 69% of them are still vulnerable to CVE-2023-27997. “If only 153,414 devices on the internet are patched, that leaves 335,923 / 489,337 = 69% unpatched.” ” continues the report.

Firewall

Firewall VPN Firmware Internet

NEW TECH: Will ‘Secure Access Service Edge’ — SASE — Be the Answer to Secure Connectivity?

The Last Watchdog

DECEMBER 8, 2020

Locking down web gateways and erecting a robust firewall were considered the be-all and end-all. Related: The shared burden of securing the Internet of Things. Company networks must support endless permutations of users and apps, both on-premises and in the Internet cloud. Fast forward to the 21 st Century’s third decade.

Firewall

Firewall Digital transformation Internet Internet

Almost 800,000 SonicWall VPN appliances online are vulnerable to CVE-2020-5135

Security Affairs

OCTOBER 16, 2020

. “A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall. “This flaw exists pre-authentication and within a component (SSLVPN) which is typically exposed to the public Internet.”

VPN

VPN Firewall Advertising Internet

A daily average of 80,000 printers exposed online via IPP

Security Affairs

JUNE 23, 2020

The Shadowserver Foundation is a nonprofit security organization working altruistically behind the scenes to make the Internet more secure for everyone. The researchers scanned the Internet for printers that are exposing their Internet Printing Protocol (IPP) port online. and printers (or print servers).

Internet

Internet Internet Firmware Advertising

BEST PRACTICES: Mock phishing attacks prep employees to avoid being socially engineered

The Last Watchdog

MAY 1, 2019

Despite billions of dollars spent on the latest, greatest antivirus suites, firewalls and intrusion detection systems, enterprises continue to suffer breaches that can be traced back to the actions of a single, unsuspecting employee. Promising metrics Since its launch in March 2015, Lucy has grown to 23 employees, with zero outside funding.

Social Engineering

Social Engineering Engineering Phishing Banking

Massive increase in XorDDoS Linux malware in last six months

Malwarebytes

MAY 25, 2022

Based on a case study in 2015 , Akamai strengthened the theory that the malware may be of Asian origin based on its targets. Since Linux is deployed on many IoT (Internet of Things) devices and cloud infrastructures, we are likely to see DDoS (distributed denial-of-system) attacks from botnets that have compromised such devices.

Malware

Malware DDOS IoT DNS

DoS attack the caused disruption at US power utility exploited a known flaw

Security Affairs

SEPTEMBER 9, 2019

A DoS attack that caused disruptions at a power utility in the United States exploited a flaw in a firewall used in the facility. The incident took place earlier this year, threat actors exploited a known vulnerability in a firewall used by the affected facility to cause disruption. and 7 p.m., power grid ( Energywire , April 30).

Energy and Utilities

Energy and Utilities Firewall Firmware Advertising

CVE-2020-3452 flaw in Cisco ASA/FTD exploited within hours after the disclosure

Security Affairs

JULY 24, 2020

Cisco fixed CVE-2020-3452 high-severity path traversal flaw in its firewalls that can be exploited by remote attackers to obtain sensitive files from the targeted system. Researchers from Rapid7 scanned the Internet for ASA/FTD devices, it reported the presence of 85,000 units, 398 of which are spread across 17% of the Fortune 500.

Firewall

Firewall Advertising Software Hacking

Juniper Networks addressed many issues in its products

Security Affairs

JULY 10, 2020

Juniper Networks addressed several vulnerabilities in its firewalls, most of them can be exploited by attackers for denial-of-service (DoS) attacks. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Half a dozen of the flaws are DoS issues that have been rated high severity. Pierluigi Paganini.

Firmware

Firmware Advertising Firewall Hacking

Cybersecurity Report: July 21, 2015

SiteLock

AUGUST 27, 2021

The Latest Security Law Illustrates The Chinese Government’s Love-Hate Relationship with The Internet. Other sections reflects the government’s focus on tightening policies for China’s internet companies. Boston is now developing a next-generation firewall to protect the Hub from cyberattacks, which is a part of an effort to spend $3.5

Cybersecurity

Cybersecurity Data breaches Firewall Internet

Chinese APT Exploits Zero-Day in Versa Director, Targets Global IT

SecureWorld News

AUGUST 28, 2024

In a concerning development for cybersecurity professionals worldwide, the Chinese state-backed hacking group known as Volt Typhoon has been linked to a series of sophisticated attacks exploiting a Zero-Day vulnerability in Versa Director, a critical management platform used by Internet Service Providers (ISPs) and Managed Service Providers (MSPs).

Firewall

Firewall VPN Accountability Internet

Experts saw 100k+ daily brute-force attacks on RDP during COVID-19 lockdown

Security Affairs

JUNE 29, 2020

Below the recommendations provided by ESET on how to configure remote access correctly: Disable internet-facing RDP. If that is not possible, minimize the number of users allowed to connect directly to the organization’s servers over the internet. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Passwords

Passwords Internet Internet Advertising

KCodes NetUSB flaw impacts millions of SOHO routers

Security Affairs

JANUARY 12, 2022

According to the report published by SentinelOne, a threat actor could send crafted commands to internet-connected routers on port 20005. “Provided there were no firewall rules in place to block it, that would mean it was listening on the WAN as well as the LAN. ” reads the report.

Internet

Internet Internet Firewall Hacking

79 Netgear router models affected by a dangerous Zero-day

Security Affairs

JUNE 18, 2020

Security experts Adam Nichols from GRIMM and d4rkn3ss from the Vietnamese internet service provider VNPT have independently reported a severe unpatched security vulnerability that affects 79 Netgear router models. “This could be accomplished in a number of ways, most notably with firewall rules/whitelisting.”

Firmware

Firmware Internet Internet Advertising

FBI warns cyber actors abusing protocols as new DDoS attack vectors

Security Affairs

JULY 27, 2020

In December 2018, security experts from Trend Micro discovered that some machine-to-machine (M2M) protocols can be abused to attack IoT and industrial Internet of Things (IIoT) systems. Configure network firewalls to block unauthorized IP addresses and disable port forwarding. Pierluigi Paganini. SecurityAffairs – hacking, FBI).

DDOS

DDOS IoT Internet Internet

TeamTNT is the first cryptomining bot that steals AWS credentials

Security Affairs

AUGUST 18, 2020

The worm also steals local credentials, and scans the internet for misconfigured Docker platforms.” Use firewall rules to limit any access to Docker APIs. We strongly recommend using a whitelisted approach for your firewall ruleset. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Firewall

Firewall Advertising Cryptocurrency Malware

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Security Affairs

AUGUST 27, 2020

To perform the experiment, we used Internet of Things (IoT) search engines to search for open devices that utilized common printer ports and protocols. After filtering out most of the false positives, we were left with more than 800,000 printers that had network printing features enabled and were accessible over the internet.

Hacking

Hacking IoT Firmware Internet

New Ttint IoT botnet exploits two zero-days in Tenda routers

Security Affairs

OCTOBER 5, 2020

Unlike other IoT DDoS botnets, Ttint implements 12 remote access functions such as Socket5 proxy for router devices, tampering with router firewall and DNS settings, executing remote custom system commands. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” concludes the report.

IoT

IoT Firmware DNS Advertising

Don’t Panic: Website Defacements from 2015

SiteLock

AUGUST 27, 2021

Bad actors have attacked websites since the beginning of the internet. If you take basic security measures like a web application firewall and malware scanner, defacements can be avoided. Website defacement occurs when a bad actor gains access to the site files, and replaces the index or home page with their own page.

Backups

Backups Firewall Hacking Malware

Chinese police arrested the operator of unauthorized VPN service that made $1.6 million from his activity

Security Affairs

JANUARY 17, 2020

China continues to intensify the monitoring of the cyberspace applying and persecution of VPN services that could be used to bypass its censorship system known as the Great Firewall. The Great Firewall project already blocked access to more hundreds of the world’s 1,000 top websites, including Google, Facebook, Twitter, and Dropbox.

VPN

VPN Firewall Advertising Media

Brazil expert discovers Oracle flaw that allows massive DDoS attacks

Security Affairs

OCTOBER 17, 2018

The exploitation of this vulnerability could cause major problems on the Internet. million servers running RPCBIND on the Internet. On that day, one of the web application firewalls (WAFs) installed in the XLabs SOC (security operations center) detected an abnormal pattern of network traffic that caught the eye of Mauricio.

DDOS

DDOS Internet Internet System Administration

Critical zero-days discovered in VxWorks RTOS, billions of devices at risk

Security Affairs

JULY 30, 2019

Even a device that is reaching outbound to the internet could be attacked and taken over. “As an example of this scenario, consider how such an attack can take over the SonicWall firewall, which runs on the impacted VxWorks OS.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Risk

Risk IoT Firewall DNS

Hackers target Docker servers to deploy the new Kinsing cryptocurrency miner

Security Affairs

APRIL 6, 2020

Cloud security firm Aqua Security uncovered a hacking campaign carried out during the past months, hackers are scanning the Internet for Docker servers running API ports exposed without a password. Experts also recommend to access admin endpoints only through firewall or VPN gateway. ” concludes the experts. Pierluigi Paganini.

Cryptocurrency

Cryptocurrency Malware Advertising Firewall

Cyber Defense Magazine – September 2019 has arrived. Enjoy it!

Security Affairs

SEPTEMBER 4, 2019

In addition, we’re shooting for 7x24x365 uptime as we continue to scale with improved Web App Firewalls, Content Deliver Networks (CDNs) around the Globe, Faster and More Secure DNS and CyberDefenseMagazineBackup.com up and running as an array of live mirror sites.

DNS

DNS Firewall Advertising Mobile

Microsoft’s case study: Emotet took down an entire network in just 8 days

Security Affairs

APRIL 4, 2020

Microsoft declared that an Emotet attack took down an organization’s network by overheating all the computers and bringing its Internet access down. “He’d been told the organization had an extensive system to prevent cyberattacks, but this new virus evaded all their firewalls and antivirus software. . Pierluigi Paganini.

Antivirus

Antivirus Malware Phishing Advertising

Flaws in leading industrial remote access systems allow disruption of operations

Security Affairs

OCTOBER 1, 2020

CISA also published a security advisory for these vulnerabilities, the US agency provided the following recommendations to the users: Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Advertising

Advertising Authentication Firewall Hacking

The strengths and weaknesses of different VPN protocols

Security Affairs

APRIL 26, 2019

One in four internet users use a VPN regularly, but how much does the average user know about what goes on behind the software? Different protocols create different ways that connect your device and the internet through encrypted tunnels. Firewalls can easily block it because it only communicates over UDP.

VPN

VPN Encryption Firewall Internet

China used the Great Cannon DDoS Tool against forum used by Hong Kong protestors

Security Affairs

DECEMBER 5, 2019

The Great Cannon has been used in the past to knock-out two anti-censorship GitHub pages and the GreatFire.org (a portal that exposes internet censorship worldwide ). ” states a report published by Citizen Lab researchers published in 2015. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

DDOS

DDOS Firewall Advertising Government

US Govt agencies detail North Korea-linked HIDDEN COBRA malware

Security Affairs

FEBRUARY 14, 2020

Enable a personal firewall on agency workstations, configured to deny unsolicited connection requests. Scan all software downloaded from the Internet prior to executing. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Scan all software downloaded from the Internet prior to executing.

Malware

Malware Passwords Advertising Antivirus

NSA urges Windows Users and admins to Patch BlueKeep flaw

Security Affairs

JUNE 5, 2019

In addition to installing the patches from Microsoft, Windows users can mitigate attacks: Block TCP Port 3389 at your firewalls, especially any perimeter firewalls exposed to the internet. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Enable Network Level Authentication. Pierluigi Paganini.

Penetration Testing

Penetration Testing Firewall Authentication Advertising

5 Ways to Protect Yourself from IP Address Hacking

Security Affairs

AUGUST 20, 2019

Your IP or Internet Protocol address is your digital identity on the internet. It may be used to download unauthorized stuff or may be used for uploading disputed content on the internet. It disguises your original identity and location and allows you to access the internet from a remote server. Secure Your Router.

Hacking

Hacking VPN Internet Internet

New MATA Multi-platform malware framework linked to NK Lazarus APT

Security Affairs

JULY 23, 2020

The hackers targeted unnamed companies in software development, e-commerce, and an internet service provider around the world, including Poland, Germany, Turkey, Korea, Japan, and India. MATA is also able to target Linux-based diskless network devices, including such as routers, firewalls, or IoT devices. ” concludes the report.

Malware

Malware Ransomware Advertising Encryption

CISA’s advisory warns of notable increase in LokiBot malware

Security Affairs

SEPTEMBER 22, 2020

The Lokibot malware has been active since 2015, it is an infostealer that was involved in many malspam campaigns aimed at harvest credentials from web browsers, email clients, admin tools and that was also used to target cryptocoin-wallet owners. Scan all software downloaded from the internet prior to executing.

Malware

Malware Passwords Advertising Antivirus

Attackers are hacking NSC Linear eMerge E3 building access systems to launch DDoS attacks

Security Affairs

FEBRUARY 3, 2020

L inear eMerge E3 smart building access systems designed by N ortek Security & Control (NSC) are affected by a severe vulnerability (CVE-2019-7256) that has yet to be fixed and attackers are actively scanning the internet for vulnerable devices. Passwords can be found in p roduct documentation and compiled lists available on the Internet.”

DDOS

DDOS Hacking Internet Internet

sPower it the first renewable energy provider hit by a cyber attack that caused communications outages

Security Affairs

NOVEMBER 1, 2019

” Threat actors exploited a known flaw in Cisco firewalls to disrupt communications over a span of about 12 hours, according to the emergency report sPower filed with the Department of Energy. Hackers were only focused on exploiting the flaws in Cisco firewalls used by organizations in every industry.

Cyber Attacks

Cyber Attacks Firewall Advertising Cybersecurity

WECON PI Studio HMI software affected by code execution flaws

Security Affairs

OCTOBER 8, 2018

Specifically, users should: Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet. Locate control system networks and remote devices behind firewalls, and isolate them from the business network. Pierluigi Paganini. Security Affairs – WECON, SCADA ).

Software

Software Manufacturing Advertising Firewall

Zyxel addresses Zero-Day vulnerability in NAS devices

Security Affairs

FEBRUARY 25, 2020

“Do not leave the product directly exposed to the internet. If possible, connect it to a security router or firewall for additional protection,” Zyxel recommends. . CERT/CC also provides mitigations such as blocking access to the web interface (80/tcp and 443/tcp) and avoiding exposing the NAS to the Internet.

Authentication

Authentication Firmware Advertising Internet

API Security and Hackers: What?s the Need?

Security Affairs

MAY 30, 2020

It is better to use ICAP (Internet Content Adaptation Protocol) servers or excellent Antivirus systems to protect the data of your company. API Firewalling. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Call Security Experts. Share as Little as Possible. That is the case, at least for APIs!

Authentication

Authentication Firewall Encryption Passwords

MyBook Users Urged to Unplug Devices from Internet

Hackers exploit SQL injection zero-day issue in Sophos firewall

Trending Sources

The NSA is Refusing to Disclose its Policy on Backdooring Commercial Products

Sophos fixed a critical vulnerability in Cyberoam firewalls

Spying on satellite internet comms with a $300 listening station

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

NEW TECH: Will ‘Secure Access Service Edge’ — SASE — Be the Answer to Secure Connectivity?

Almost 800,000 SonicWall VPN appliances online are vulnerable to CVE-2020-5135

A daily average of 80,000 printers exposed online via IPP

BEST PRACTICES: Mock phishing attacks prep employees to avoid being socially engineered

Massive increase in XorDDoS Linux malware in last six months

DoS attack the caused disruption at US power utility exploited a known flaw

CVE-2020-3452 flaw in Cisco ASA/FTD exploited within hours after the disclosure

Juniper Networks addressed many issues in its products

Cybersecurity Report: July 21, 2015

Chinese APT Exploits Zero-Day in Versa Director, Targets Global IT

Experts saw 100k+ daily brute-force attacks on RDP during COVID-19 lockdown

KCodes NetUSB flaw impacts millions of SOHO routers

79 Netgear router models affected by a dangerous Zero-day

FBI warns cyber actors abusing protocols as new DDoS attack vectors

TeamTNT is the first cryptomining bot that steals AWS credentials

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

New Ttint IoT botnet exploits two zero-days in Tenda routers

Don’t Panic: Website Defacements from 2015

Chinese police arrested the operator of unauthorized VPN service that made $1.6 million from his activity

Brazil expert discovers Oracle flaw that allows massive DDoS attacks

Critical zero-days discovered in VxWorks RTOS, billions of devices at risk

Hackers target Docker servers to deploy the new Kinsing cryptocurrency miner

Cyber Defense Magazine – September 2019 has arrived. Enjoy it!

Microsoft’s case study: Emotet took down an entire network in just 8 days

Flaws in leading industrial remote access systems allow disruption of operations

The strengths and weaknesses of different VPN protocols

China used the Great Cannon DDoS Tool against forum used by Hong Kong protestors

US Govt agencies detail North Korea-linked HIDDEN COBRA malware

NSA urges Windows Users and admins to Patch BlueKeep flaw

5 Ways to Protect Yourself from IP Address Hacking

New MATA Multi-platform malware framework linked to NK Lazarus APT

CISA’s advisory warns of notable increase in LokiBot malware

Attackers are hacking NSC Linear eMerge E3 building access systems to launch DDoS attacks

sPower it the first renewable energy provider hit by a cyber attack that caused communications outages

WECON PI Studio HMI software affected by code execution flaws

Zyxel addresses Zero-Day vulnerability in NAS devices

API Security and Hackers: What?s the Need?

Top IoT Security Solutions of 2021

Stay Connected