2021, Firewall, Information Security and VPN

Expert found a secret backdoor in Zyxel firewall and VPN

Security Affairs

JANUARY 1, 2021

Impacted devices include Unified Security Gateway (USG), ATP, USG FLEX and VPN firewalls products. Affected product series Patch available in Firewalls ATP series running firmware ZLD V4.60 2020 VPN series running firmware ZLD V4.60 Patch1 in April 2021 NXC5500 V6.10 Patch1 in April 2021. patch 0).

Firewall

Firewall VPN Firmware Passwords

Zyxel warns customers of attacks on its enterprise firewall and VPN devices

Security Affairs

JUNE 24, 2021

Networking equipment giant Zyxel warns customers of a series of attacks that have been targeting some of its enterprise firewall and VPN devices. Networking equipment vendor Zyxel warned its customers of a series of attacks that have been targeting some of its enterprise firewall and VPN server solutions.

VPN

VPN Firewall Firmware Authentication

CVE-2021-3064: Easily exploitable RCE flaw in Palo Alto Networks in GlobalProtect VPN

Security Affairs

NOVEMBER 11, 2021

Palo Alto Networks warns of an easy exploitable Remote Code Execution vulnerability in its GlobalProtect VPN product. Palo Alto Networks disclosed a critical remote code execution vulnerability, tracked as CVE-2021-3064 , in its GlobalProtect portal and gateway interfaces. 2021-11-10: This report was published.

VPN

VPN Firewall Internet Internet

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

Security Affairs

JULY 3, 2023

Researchers reported that there are 490,000 Fortinet firewalls exposing SSL VPN interfaces on the internet, and roughly 69% of them are still vulnerable to CVE-2023-27997. For this reason, if the customer has SSL-VPN enabled, Fortinet is advising customers to take immediate action to upgrade to the most recent firmware release.

Firewall

Firewall VPN Firmware Internet

Nation-state actors exploit Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus, CISA warns

Security Affairs

SEPTEMBER 8, 2023

CISA warned that nation-state actors are exploiting flaws in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus. Cybersecurity and Infrastructure Security Agency (CISA) warned that nation-state actors are exploiting security vulnerabilities in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus.

VPN

VPN Firewall Accountability Cybersecurity

Cisco will not patch critical flaw CVE-2021-34730 in EoF routers

Security Affairs

AUGUST 19, 2021

Cisco has no plan to fix a critical code execution flaw (CVE-2021-34730) in small business RV110W, RV130, RV130W, and RV215W routers. Cisco has no plan to address a critical code execution vulnerability, tracked as CVE-2021-34730, that affects small business RV110W, RV130, RV130W, and RV215W routers. Pierluigi Paganini.

Small Business

Small Business Wireless VPN Firewall

Palo Alto Networks fixes a critical flaw in firewall PAN-OS

Security Affairs

JUNE 29, 2020

Palo Alto Networks addressed a critical flaw in the PAN-OS of its next-generation firewalls that could allow attackers to bypass authentication. Palo Alto Networks addressed a critical vulnerability, tracked as CVE-2020-2021 , in the operating system ( PAN?OS x base score of 10. . x base score of 10. Pierluigi Paganini.

Firewall

Firewall Authentication VPN Advertising

SonicWall addresses critical CVE-2021-20026 flaw in NSM devices

Security Affairs

JULY 6, 2021

Positive Technologies researcher Nikita Abramov has provided details about the CVE-2021-20026 command injection vulnerability that affects SonicWall’s Network Security Manager (NSM) product. reads the security advisory published by SonicWall. .” This vulnerability only impacts on-premises NSM deployments.

Authentication

Authentication Network Security VPN Firewall

Do Not Confuse Next Generation Firewall And Web Application Firewall

SiteLock

OCTOBER 21, 2021

Some information security specialists confuse the concepts of WAF and NGFW. Let us start with the abbreviations that define the categories of information security products: WAF stands for Web Application Firewall , NGFW stands for Next Generation Firewall. We have an NGFW, do we need a WAF?"

Firewall

Firewall Information Security Penetration Testing Banking

SonicWall finally fixed a flaw resulting from a partially patched 2020 zero-day

Security Affairs

JUNE 23, 2021

A critical vulnerability, tracked as CVE-2021-20019 , in SonicWall VPN appliances was only partially patched last year and could allow a remote attacker to steal sensitive data. The flaw resides in the HTTP/HTTPS service used for product management as well as SSL VPN remote access. “An 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v

VPN

VPN Firewall Firmware Authentication

Security Affairs newsletter Round 455 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JANUARY 21, 2024

Admin of the BreachForums hacking forum sentenced to 20 years supervised release Russia-linked Midnight Blizzard APT hacked Microsoft corporate emails VF Corp December data breach impacts 35 million customers China-linked APT UNC3886 exploits VMware zero-day since 2021 Ransomware attacks break records in 2023: the number of victims rose by 128% U.S.

Artificial Intelligence

Artificial Intelligence VPN Hacking Firewall

Cisco will not release updates to fix critical RCE flaw in EoF Business Routers

Security Affairs

APRIL 9, 2021

According a security advisory published by the company, Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers are affected by Remote Command Execution vulnerability that resides in the Management Interface. The flaw, tracked as CVE-2021-1459, has been rated with a CVSS score of 9.8

Small Business

Small Business Wireless VPN Firewall

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

Security Affairs

FEBRUARY 8, 2024

The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure. In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors.

Energy and Utilities

Energy and Utilities VPN Manufacturing Firewall

APTs will exploit Palo Alto Networks’s PAN-OS flaw soon, US Cyber Command says

Security Affairs

JUNE 30, 2020

Cyber Command believes foreign APTs will likely attempt to exploit the recently addressed flaw in Palo Alto Networks’s PAN-OS firewall OS. Recently Palo Alto Network addressed a critical vulnerability , tracked as CVE-2020-2021, affecting the PAN-OS operating system that powers its next-generation firewall.

Firewall

Firewall Authentication VPN Hacking

China-linked APT Volt Typhoon linked to KV-Botnet

Security Affairs

DECEMBER 13, 2023

The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure. In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors.

Small Business

Small Business Technology VPN Manufacturing

Security Affairs newsletter Round 300

Security Affairs

FEBRUARY 7, 2021

Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here.

DDOS

DDOS Firewall Ransomware Encryption

FBI chief says China is preparing to attack US critical infrastructure

Security Affairs

APRIL 19, 2024

The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure. In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors.

Energy and Utilities

Energy and Utilities Telecommunications Technology VPN

China-linked APT Volt Typhoon targets critical infrastructure organizations

Security Affairs

MAY 25, 2023

The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure. In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors.

Accountability

Accountability VPN Manufacturing Firewall

Security Affairs newsletter Round 320

Security Affairs

JUNE 27, 2021

thousand servers are still vulnerable Mercedes-Benz data breach impacted roughly 1000 individuals Microsoft: Russia-linked SolarWinds hackers breached three new entities. thousand servers are still vulnerable Mercedes-Benz data breach impacted roughly 1000 individuals Microsoft: Russia-linked SolarWinds hackers breached three new entities.

Ransomware

Ransomware VPN Firewall Hacking

Recently disclosed CVE-2020-29583 Zyxel flaw already under opportunistic attack

Security Affairs

JANUARY 6, 2021

Impacted devices include Unified Security Gateway (USG), ATP, USG FLEX and VPN firewalls products. hat tip @nathanqthai & @ackmage [link] pic.twitter.com/p8zIubXdzL — GreyNoise (@GreyNoiseIO) January 4, 2021. The vulnerability was discovered by the security researcher Niels Teusink from EYE.

Firmware

Firmware Passwords Accountability VPN

CISA is warning of vulnerabilities in GE Power Management Devices

Security Affairs

MARCH 23, 2021

GE provides additional mitigations and information about these vulnerabilities in GE Publication Number: GES-2021-004 (login required).” The most severe issue addressed by the vendor is a critical “ INSECURE DEFAULT VARIABLE INITIALIZATION ” issue tracked as CVE-2021-27426 and rated with a CVSS score of 9.8

Firmware

Firmware VPN Firewall Risk

The Biggest Lessons about Vulnerabilities at RSAC 2021

eSecurity Planet

MAY 28, 2021

We look at three RSAC 2021 sessions and some of the most daunting vulnerabilities presented by the SANS Institute, Cybersecurity and Infrastructure Security Agency (CISA), and Varonis Systems. Also Read: And the Winner of the 2021 RSA Innovation Contest is… SANS: Five dangerous new attack techniques and vulnerabilities.

Software

Software Firmware DNS VPN

GUEST ESSAY: The story behind how DataTribe is helping to seed ‘Cybersecurity Valley’ in Maryland

The Last Watchdog

JUNE 4, 2019

Maryland was one of the very first states to recognize the importance of information security, not only as a critical issue for the nation, but also as a strategic industry for the state,” said Governor Larry Hogan. million unfilled cybersecurity positions globally by 2021 – up from 1 million in 2014. The current number of U.S.

Cybersecurity

Cybersecurity Computers and Electronics Technology Marketing

CISA, FBI share guidance for MSPs and their customers impacted in Kaseya attack

Security Affairs

JULY 5, 2021

Implement allowlisting to limit communication with remote monitoring and management (RMM) capabilities to known IP address pairs, and/or Place administrative interfaces of RMM behind a virtual private network (VPN) or a firewall on a dedicated administrative network.

Ransomware

Ransomware VPN Backups Firewall

Threats to ICS and industrial enterprises in 2022

SecureList

NOVEMBER 23, 2021

And plans to improve information security and introduce new protection tools and measures are predicated, in some way, on the chosen adversary model. In 2021, for instance, we have seen many industries brought to a standstill and tens of millions of dollars paid out to ransomwarers. Building on the success of 2021.

Spyware

Spyware Phishing Cybercrime Energy and Utilities

How to Save Your Organization $9.05 Million with a Nominal Investment in Cybersecurity

CyberSecurity Insiders

SEPTEMBER 3, 2021

MINNEAPOLIS–( BUSINESS WIRE )–According to the Ponemon Institute’s 2021 “Cost of a Data Breach” report, the average total cost of a data breach in the United States is $9.05 To put that into perspective, a breach that occurred on New Year’s Day 2021 may not be fully contained until October 14. million – up from $8.64

Cybersecurity

Cybersecurity Data breaches Threat Detection Technology

Latin American Javali trojan weaponizing Avira antivirus legitimate injector to implant malware

Security Affairs

FEBRUARY 16, 2021

#Spy #Ousaban I Found old sample that work in same way of mentioned tweet Reference [link] Run [link] cc @ffforward @lazyactivist192 @sirpedrotavares @sugimu_sec @verovaleros @Jan0fficial @guelfoweb @1ZRR4H @__4ndr3y [link] pic.twitter.com/szw5ngFr6z — JAMESWT (@JAMESWT_MHT) February 3, 2021. MSI file – The Javali Dropper.

Antivirus

Antivirus Malware Banking Internet

Black Hat USA 2023 NOC: Network Assurance

Cisco Security

AUGUST 28, 2023

For example, an IP tried AndroxGh0st Scanning Traffic against the Registration server, blocked by Palo Alto Networks firewall. With this information, the NOC leadership approved the shunning of the IP. In addition to the SPAN, we requested that Palo Alto send NetFlow from their Firewalls to CTB.

Wireless

Wireless DNS Mobile Technology

Security Affairs newsletter Round 465 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

MARCH 31, 2024

Expert found a backdoor in XZ tools used many Linux distributions German BSI warns of 17,000 unpatched Microsoft Exchange servers Cisco warns of password-spraying attacks targeting Secure Firewall devices American fast-fashion firm Hot Topic hit by credential stuffing attacks Cisco addressed high-severity flaws in IOS and IOS XE software Google: China (..)

Artificial Intelligence

Artificial Intelligence Scams Hacking Cybercrime

Cyber Security Informer

Expert found a secret backdoor in Zyxel firewall and VPN

Zyxel warns customers of attacks on its enterprise firewall and VPN devices

Webinars

Trending Sources

CVE-2021-3064: Easily exploitable RCE flaw in Palo Alto Networks in GlobalProtect VPN

Webinars

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

Nation-state actors exploit Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus, CISA warns

Cisco will not patch critical flaw CVE-2021-34730 in EoF routers

Palo Alto Networks fixes a critical flaw in firewall PAN-OS

SonicWall addresses critical CVE-2021-20026 flaw in NSM devices

Do Not Confuse Next Generation Firewall And Web Application Firewall

SonicWall finally fixed a flaw resulting from a partially patched 2020 zero-day

Security Affairs newsletter Round 455 by Pierluigi Paganini – INTERNATIONAL EDITION

Cisco will not release updates to fix critical RCE flaw in EoF Business Routers

China-linked APT Volt Typhoon remained undetected for years in US infrastructure

APTs will exploit Palo Alto Networks’s PAN-OS flaw soon, US Cyber Command says

China-linked APT Volt Typhoon linked to KV-Botnet

Security Affairs newsletter Round 300

FBI chief says China is preparing to attack US critical infrastructure

China-linked APT Volt Typhoon targets critical infrastructure organizations

Security Affairs newsletter Round 320

Recently disclosed CVE-2020-29583 Zyxel flaw already under opportunistic attack

CISA is warning of vulnerabilities in GE Power Management Devices

The Biggest Lessons about Vulnerabilities at RSAC 2021

GUEST ESSAY: The story behind how DataTribe is helping to seed ‘Cybersecurity Valley’ in Maryland

CISA, FBI share guidance for MSPs and their customers impacted in Kaseya attack

Threats to ICS and industrial enterprises in 2022

How to Save Your Organization $9.05 Million with a Nominal Investment in Cybersecurity

Latin American Javali trojan weaponizing Avira antivirus legitimate injector to implant malware

Black Hat USA 2023 NOC: Network Assurance

Security Affairs newsletter Round 465 by Pierluigi Paganini – INTERNATIONAL EDITION

Stay Connected