Security Affairs

JUNE 17, 2022

China-linked threat actors exploited the zero-day flaw CVE-2022-1040 in Sophos Firewall weeks before it was fixed by the security vendor. On March 25, Sophos announced to have fixed the authentication bypass vulnerability, tracked as CVE-2022-1040, that resides in the User Portal and Webadmin areas of Sophos Firewall.

Firewall 119

Firewall DNS Authentication Malware 119

Bleeping Computer

JANUARY 7, 2022

SonicWall has confirmed today that some of its Email Security and firewall products have been hit by the Y2K22 bug, causing message log updates and junk box failures starting with January 1, 2022. [.].

Firewall 145

Firewall 145

eSecurity Planet

JANUARY 16, 2024

Keep an eye out for security announcements from your firewall vendors; it’s possible additional similar vulnerabilities will come to light. The problem: Juniper Networks released a bulletin about a remote code execution vulnerability in its SRX firewalls and EX switches. This vulnerability is tracked as CVE-2024-21591.

Firewall 107

Firewall Firmware IoT Authentication 107

Security Affairs

DECEMBER 6, 2022

Sophos addressed several vulnerabilities affecting its Sophos Firewall version 19.5, Sophos has released security patches to address seven vulnerabilities in Sophos Firewall version 19.5 , including some arbitrary code execution bugs. The post Sophos fixed a critical flaw in its Sophos Firewall version 19.5 Pierluigi Paganini.

Firewall 99

Firewall Wireless VPN Hacking 99

Security Affairs

MAY 26, 2022

Zyxel addressed multiple vulnerabilities impacting many of its products, including APs, AP controllers, and firewalls. Zyxel has released security updates to address multiple vulnerabilities affecting multiple products, including firewall, AP, and AP controller products.

Firewall 114

Firewall VPN Authentication Cyber Attacks 114

Security Affairs

MAY 17, 2022

US Critical Infrastructure Security Agency (CISA) adds critical CVE-2022-30525 RCE flaw in Zyxel Firewalls to its Known Exploited Vulnerabilities Catalog. Last week, Zyxel has addressed the critical CVE-2022-30525 (CVSS score: 9.8) Most of the CVE-2022-30525 affected models are in the EU – France (4.5K) and Italy (4.4K).

Firewall 69

Firewall VPN Firmware Internet 69

Dark Reading

AUGUST 24, 2022

The bug tracked as CVE-2022-0028 allows attackers to hijack firewalls without authentication, in order to mount DDoS hits on their targets of choice.

Firewall 122

Firewall DDOS Authentication 122

The Hacker News

MARCH 29, 2022

Cybersecurity firm Sophos on Monday warned that a recently patched critical security vulnerability in its firewall product is being actively exploited in real-world attacks. The flaw, tracked as CVE-2022-1040, is rated 9.8 out of 10 on the CVSS scoring system and impacts Sophos Firewall versions 18.5 MR3 (18.5.3)

Firewall 96

Firewall Authentication Cybersecurity 96

Security Affairs

SEPTEMBER 24, 2022

Sophos warns that a critical code injection security vulnerability in its Firewall product is actively exploited in the wild. Sophos warns of a critical code injection security vulnerability, tracked as CVE-2022-3236, affecting its Firewall product which is being exploited in the wild. and impacts Firewall versions 18.5

Firewall 74

Firewall VPN Authentication Hacking 74

Security Affairs

MAY 25, 2023

Zyxel fixed two critical flaws in multiple firewall and VPN products that can lead to remote code execution or cause a DoS condition. Zyxel addressed two critical buffer overflow vulnerabilities, tracked as CVE-2023-33009 and CVE-2023-33010 , that affect several of its firewall and VPN products. critical severity score of 9.8)

Firewall 92

Firewall VPN Authentication Hacking 92

Security Affairs

MARCH 27, 2022

Sophos has addressed a critical vulnerability, tracked as CVE-2022-1040, in its Sophos Firewall that allows remote code execution (RCE). Sophos has fixed an authentication bypass vulnerability, tracked as CVE-2022-1040, that resides in the User Portal and Webadmin areas of Sophos Firewall. MR3 (18.5.3) and earlier.

Firewall 81

Firewall Authentication VPN Hacking 81

Cisco Security

MAY 20, 2022

To help our customers and partners, we have centralized all our cloud & automation resources for Secure Firewall into a single page: [link]. Our new page is organized by cloud provider and specific use case to easily deploy Secure Firewall. Cisco Live 2022 Las Vegas & sessions focused on Secure Firewall and IaC.

Firewall 106

Firewall Architecture Engineering Technology 106

Cisco Security

NOVEMBER 2, 2021

Microsoft’s recent announcement of its upcoming Azure Gateway Load Balancer is great news for organizations requiring rapidly scalable firewalls with high availability in public cloud. Cisco has partnered with Microsoft and will be supporting Cisco Secure Firewall with Azure Gateway Load Balancer. No additional configuration needed.

Firewall 107

Firewall Architecture Internet Internet 107

The Hacker News

SEPTEMBER 24, 2022

Security software company Sophos has released a patch update for its firewall product after it was discovered that attackers were exploiting a new critical zero-day vulnerability to attack its customers' network. The issue, tracked as CVE-2022-3236 (CVSS score: 9.8), impacts Sophos Firewall v19.0 MR1 (19.0.1)

Firewall 92

Firewall Software 92

Bleeping Computer

MAY 15, 2022

Hackers have started to exploit a recently patched critical vulnerability, tracked as CVE-2022-30525, that affects Zyxel firewall and VPN devices for businesses. [.].

Firewall 100

Firewall VPN 100

Heimadal Security

JANUARY 10, 2022

Last week, Internet appliances provider SonicWall has revealed that the Y2K22 weakness has affected several of its email security and firewall products, leading to message log updates and junk box malfunctions starting January 1st, 2022.

Firewall 112

Firewall Internet Internet Cybersecurity 112

The Hacker News

MARCH 29, 2022

SonicWall has released security updates to contain a critical flaw across multiple firewall appliances that could be weaponized by an unauthenticated, remote attacker to execute arbitrary code and cause a denial-of-service (DoS) condition.

Firewall 94

Firewall 94

Malwarebytes

APRIL 4, 2022

In a security advisory Zyxel has urged customers to update because a security flaw can lead to the circumvention of firewall protection in several Zyxel products. Patch 5 in May 2022. Please note that the patches should have a release date of 03/29/2022 or later. The vulnerability. through ZLD V4.70 USG FLEX ZLD V4.50

Firewall 80

Firewall Firmware VPN Authentication 80

Cisco Security

DECEMBER 14, 2021

Cisco Secure Firewall Threat Defense provides unmatched security controls such as stateful firewalling, Snort3 IPS, URL filtering, malware defense, application visibility and control, and more. Cisco Secure Firewall Threat Defense 7.1 will be available on Alkira’s service marketplace early 2022.

Firewall 101

Firewall Architecture Internet Internet 101

Security Affairs

APRIL 1, 2022

Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Sophos firewall flaw and seven other issues to its Known Exploited Vulnerabilities Catalog. The new vulnerabilities added to the catalog have to be addressed by federal agencies by April 21, 2022. and impacts Sophos Firewall versions 18.5 MR3 (18.5.3)

Firewall 76

Firewall Authentication Hacking Cybersecurity 76

Security Affairs

MARCH 30, 2022

SonicWall released security updates to address a remote code execution vulnerability that affects multiple firewall appliances. The CVE-2022-22274 is a stack-based buffer overflow vulnerability in SonicOS, it was discovered by the security researcher ZiTong Wang from Hatlab. SecurityAffairs – hacking, Firewall).

Firewall 80

Firewall Hacking Information Security 80

The Hacker News

MAY 27, 2022

Zyxel has released patches to address four security flaws affecting its firewall, AP Controller, and AP products to execute arbitrary operating system commands and steal select information.

Firewall 99

Firewall 99

Security Affairs

APRIL 28, 2023

A vulnerability impacting Zyxel firewalls, tracked as CVE-2023-28771, can be exploited to execute arbitary code on vulnerable devices. Researchers from TRAPA Security have discovered a critical remote code execution vulnerability, tracked as CVE-2023-28771 (CVSS score 9.8), impacting Zyxel Firewall. through 5.35. through 5.35.

Firewall 91

Firewall Firmware VPN Authentication 91

The Hacker News

MAY 16, 2022

Cybersecurity and Infrastructure Security Agency on Monday added two security flaws, including the recently disclosed remote code execution bug affecting Zyxel firewalls, to its Known Exploited Vulnerabilities Catalog, citing evidence of active exploitation. Tracked as CVE-2022-30525, the vulnerability is rated 9.8

Firewall 96

Firewall Cybersecurity 96

Security Affairs

MAY 13, 2022

Zyxel addressed a critical flaw affecting Zyxel firewall devices that allows unauthenticated, remote attackers to gain arbitrary code execution. Zyxel has moved to address a critical security vulnerability (CVE-2022-30525, CVSS score: 9.8) Zyxel has moved to address a critical security vulnerability (CVE-2022-30525, CVSS score: 9.8)

Firewall 67

Firewall Firmware VPN Wireless 67

Cisco Security

NOVEMBER 29, 2021

With traditional firewalls, network security teams are charged with the heavy lifting of deploying new solutions. According to Gartner, by 2025, 30% of new deployments of distributed branch-office firewalls will switch to firewall-as-a-service, up from less than 10% in 2021. Introduction. Starting with version 7.1

Firewall 106

Firewall Network Security Architecture VPN 106

eSecurity Planet

MARCH 27, 2023

Mandiant tracked 55 zero-day vulnerabilities that were actively exploited in 2022. Overall, the proportion of financially motivated zero-day exploitation decreased in 2022. Far more of the 16 cases with a clear motive were state-sponsored – 13 of the zero-days tracked in 2022 appear to have been leveraged by cyber espionage groups.

Firewall 103

Firewall Internet Internet Telecommunications 103

Security Affairs

MARCH 29, 2022

Cybersecurity firm Sophos warned that the recently addressed CVE-2022-1040 flaw in Sophos Firewall is actively exploited in attacks. Sophos has recently fixed an authentication bypass vulnerability, tracked as CVE-2022-1040 , that resides in the User Portal and Webadmin areas of Sophos Firewall. MR3 (18.5.3) and earlier.

Firewall 63

Firewall Authentication Hacking Cybersecurity 63

eSecurity Planet

FEBRUARY 4, 2022

Antivirus Software WiFi 6 Routers Virtual Private Networks Password Managers Email Security Software Web Application Firewall Bot Management Software. Also Read: 4 Best Antivirus Software of 2022. Also Read: Best Enterprise VPN Solutions for 2022. Also Read: 8 Best Password Managers & Tools for 2022. Back to top.

Internet 144

Internet Internet Software Antivirus 144

Cisco Security

MARCH 30, 2022

Cisco commissioned Forrester Consulting to conduct a Total Economic Impact (TEI) study to examine the value that Secure Firewall customers could achieve by deploying Secure Firewall, Firewall Management Center, and optionally SecureX. Virtual firewall policies are also updated 80% faster.

Firewall 67

Firewall Risk Network Security Accountability 67

Security Affairs

APRIL 1, 2022

Zyxel issued security updates for a critical vulnerability that affects some of its business firewall and VPN devices. Networking equipment vendor Zyxel has pushed security updates for a critical flaw, tracked as CVE-2022-0342 (CVSS 9.8), that affects some of its business firewall and VPN products. Patch 5 in May 2022.

Firewall 82

Firewall VPN Firmware Authentication 82

The State of Security

OCTOBER 3, 2022

Here’s what cybersecurity news stood out to us during the week of September 26th, 2022. Sophos Firewall Zero-Day Exploited in Attacks on South […]… Read More. The post Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of September 26, 2022 appeared first on The State of Security.

InfoSec 113

InfoSec Cybersecurity Firewall 113

Anton on Security

JUNE 10, 2022

There are people buying their first SIEM in 2022. There are people adopting virtualization in 2022. There are people moving to “next-gen” firewalls (a great innovation of 2005) in 2022. A firewall management vendor claimed to “simplify zero trust.” But why not just accept that in 2022, SIEM = SIEM + SOAR + UEBA ?

VPN 189

VPN Marketing Firewall Passwords 189

Security Boulevard

FEBRUARY 25, 2022

CitiBank is hit with a large-scale phishing campaign, a massive cyber attack has a devastating impact at a logistics giant and a warning for Cisco’s Firepower firewalls customers. The post Cybersecurity News Round-Up: Week of February 21, 2022 appeared first on Security Boulevard.

Cybersecurity 98

Cybersecurity Firewall Cyber Attacks Phishing 98

eSecurity Planet

AUGUST 17, 2022

Congratulations to our 2022 winners – and to the hundreds more who have made our top cybersecurity product lists. Best Next-Generation Firewall (NGFW): Palo Alto Networks. Competing with firewall giants like Check Point and Fortinet, we believe the market’s best next-generation firewall (NGFW) belongs to Palo Alto Networks.

Cybersecurity 131

Cybersecurity Firewall Marketing Security Awareness 131

Security Affairs

OCTOBER 18, 2022

Fortinet confirmed that many systems are still vulnerable to attacks exploiting the CVE-2022-40684 zero-day vulnerability. Fortinet is urging customers to address the recently discovered CVE-2022-40684 zero-day vulnerability. A proof-of-concept (PoC) exploit code for the CVE-2022-40684 flaw has been released online.

Authentication 129

Authentication Firewall Hacking Risk 129

Security Affairs

JANUARY 2, 2023

These are the most-read cybersecurity articles that have been published by SecurtiyAffairs in 2022. 8 – Experts devised a technique to bypass web application firewalls (WAF) of several vendors. Claroty researchers devised a technique for bypassing the web application firewalls (WAF) of several vendors. Pierluigi Paganini.

Cybersecurity 69

Cybersecurity Firewall Banking Hacking 69