2022, Firewall, Firmware and Information Security

2022

Firewall

Firmware

Information Security

Sophos backports fix for CVE-2022-3236 for EOL firewall firmware versions due to ongoing attacks

Security Affairs

DECEMBER 13, 2023

Sophos backports the patch for CVE-2022-3236 for end-of-life (EOL) firewall firmware versions due to ongoing attacks exploiting the issue. The security firm reported that this vulnerability is being used in attacks against a small set of specific organizations, primarily in South Asia. reads the advisory.

Firmware

Firmware Firewall Internet Internet

Over 178,000 SonicWall next-generation firewalls (NGFW) online exposed to hack

Security Affairs

JANUARY 15, 2024

Researchers from Bishop Fox found over 178,000 SonicWall next-generation firewalls (NGFW) publicly exploitable. Researchers from Bishop Fox used BinaryEdge source data to find SonicWall firewalls with management interfaces exposed to the internet.

Firewall

Firewall Hacking Firmware Internet

Join 29,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Trending Sources

Zyxel fixed a critical RCE flaw in its firewall devices and urges customers to install the patches

Security Affairs

APRIL 28, 2023

A vulnerability impacting Zyxel firewalls, tracked as CVE-2023-28771, can be exploited to execute arbitary code on vulnerable devices. Researchers from TRAPA Security have discovered a critical remote code execution vulnerability, tracked as CVE-2023-28771 (CVSS score 9.8), impacting Zyxel Firewall. through 5.35. through 5.35.

Firewall

Firewall Firmware VPN Authentication

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

CISA adds CVE-2022-30525 flaw in Zyxel Firewalls to its Known Exploited Vulnerabilities Catalog

Security Affairs

MAY 17, 2022

US Critical Infrastructure Security Agency (CISA) adds critical CVE-2022-30525 RCE flaw in Zyxel Firewalls to its Known Exploited Vulnerabilities Catalog. Last week, Zyxel has addressed the critical CVE-2022-30525 (CVSS score: 9.8) If possible, enable automatic firmware updates. through ZLD V5.21 Patch 1 ZLD V5.30

Firewall

Firewall VPN Firmware Internet

Zyxel fixed firewall unauthenticated remote command injection issue

Security Affairs

MAY 13, 2022

Zyxel addressed a critical flaw affecting Zyxel firewall devices that allows unauthenticated, remote attackers to gain arbitrary code execution. Zyxel has moved to address a critical security vulnerability (CVE-2022-30525, CVSS score: 9.8) If possible, enable automatic firmware updates. through ZLD V5.21 through ZLD V5.21

Firewall

Firewall Firmware VPN Wireless

Fortinet urges to patch the critical RCE flaw CVE-2023-27997 in Fortigate firewalls

Security Affairs

JUNE 13, 2023

“For this reason, if the customer has SSL-VPN enabled, Fortinet is advising customers to take immediate action to upgrade to the most recent firmware release. BleepingComputer reported that searching for Fortigate firewalls exposed online there are more than 250K installs worldwide , most of them in the US. through 6.2.13

Firewall

Firewall VPN Firmware Manufacturing

Attacks against Denmark ‘s energy sector were not carried out by Russia-linked APT

Security Affairs

JANUARY 14, 2024

The attackers exploited zero-day vulnerabilities in Zyxel firewalls used by many critical infrastructure operators in Denmark. On April 25, 2023, Zyxel disclosed a critical vulnerability (CVSS score 9.8), tracked as CVE-2023-28771 , in a number of their firewalls. through 4.73, VPN series firmware versions 4.60 through 5.35.

Firewall

Firewall Firmware Cyber Attacks VPN

Zyxel addressed a critical RCE flaw in its NAS devices

Security Affairs

SEPTEMBER 7, 2022

Zyxel addressed a critical vulnerability, tracked as CVE-2022-34747 , impacting its network-attached storage (NAS) devices. The CVE-2022-34747 (CVSS score: 9.8) flaw is classified as a format string vulnerability that resides in Zyxel NAS326 firmware versions prior to V5.21(AAZF.12)C0. 11)C0 and earlier V5.21(AAZF.12)C0

Firewall

Firewall Firmware Authentication VPN

Alfer Microsoft, also SonicWall confirmed that its products were affected by Y2K22 bug

Security Affairs

JANUARY 8, 2022

SonicWall confirmed that some of its Email Security and firewall products have been impacted by the Y2K22 bug. Security vendor SonicWall confirmed that some of its Email Security and firewall products have been impacted by the Y2K22 bug. x firmware in MySonicWall downloads section for TZ, NSA and SOHO platforms.

Firewall

Firewall Engineering Firmware Malware

China-linked APT likely linked to Fortinet zero-day attacks

Security Affairs

MARCH 17, 2023

An alleged Chinese threat actor group is behind attacks on government organizations exploiting a Fortinet zero-day flaw (CVE-2022-41328). A suspected China-linked group is exploiting a Fortinet zero-day vulnerability, tracked as CVE-2022-41328 , in attacks aimed at government organizations.

Firewall

Firewall Manufacturing Government Firmware

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

FEBRUARY 28, 2024

“As early as 2022, APT28 actors had utilized compromised EdgeRouters to facilitate covert cyber operations against governments, militaries, and organizations around the world.” Since September 2022, Moobot botnet was spotted targeting vulnerable D-Link routers. Upgrade to the latest firmware version.

Energy and Utilities

Energy and Utilities Government Firewall Malware

Top 6 Rootkit Threats and How to Protect Yourself

eSecurity Planet

NOVEMBER 7, 2022

Take a Look at Top Threat Intelligence Platforms for 2022. Firmware Rootkit. A firmware rootkit uses device or platform firmware to create a persistent malware image in the router, network card, hard drive or the basic input/output system (BIOS). performing regular security maintenance. Prevention.

Firmware

Firmware Malware Antivirus Firewall

Security Affairs newsletter Round 450 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

DECEMBER 17, 2023

Hunters International ransomware gang claims to have hacked the Fred Hutch Cancer Center New NKAbuse malware abuses NKN decentralized P2P network protocol Snatch ransomware gang claims the hack of the food giant Kraft Heinz Multiple flaws in pfSense firewall can lead to arbitrary code execution BianLian, White Rabbit, and Mario Ransomware Gangs Spotted (..)

Data breaches

Data breaches Cybercrime Firewall Artificial Intelligence

Attackers are actively targeting critical RCE bug in SonicWall Secure Mobile Access

Security Affairs

JANUARY 25, 2022

The vulnerability is an unauthenticated stack-based buffer overflow that was reported by Jacob Baines , lead security researcher at Rapid7. The CVE-2021-20038 vulnerability impacts SMA 100 series appliances (including SMA 200, 210, 400, 410, and 500v) even when the web application firewall (WAF) is enabled. 37sv, 10.2.1.1-19sv,

Mobile

Mobile Passwords Firmware Firewall

US dismantled the Russia-linked Cyclops Blink botnet

Security Affairs

APRIL 6, 2022

“The Justice Department today announced a court-authorized operation, conducted in March 2022, to disrupt a two-tiered global botnet of thousands of infected network hardware devices under the control of a threat actor known to security researchers as Sandworm, which the U.S. ” reads the press release published by DoJ.

Malware

Malware Government Firmware Firewall

Daixin Team targets health organizations with ransomware, US agencies warn

Security Affairs

OCTOBER 22, 2022

The Daixin Team is a ransomware and data extortion group that has been active since at least June 2022. Below are the mitigations provided in the alert: Install updates for operating systems, software, and firmware as soon as they are released. Daixin Team also exfiltrated data from victim systems using Rclone and Ngrok tools.

Ransomware

Ransomware VPN Cybercrime Accountability

Cyber Security Roundup for June 2021

Security Boulevard

JUNE 1, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, May 2021. The UK National Cyber Security Centre (NCSC) published its Smart Cities (connected places) guidance for UK local authorities. Cyber Security: Data ‘Re’-Assurance.

Ransomware

Ransomware Passwords Scams Cyber Attacks

Cyber Security Informer

Sophos backports fix for CVE-2022-3236 for EOL firewall firmware versions due to ongoing attacks

Over 178,000 SonicWall next-generation firewalls (NGFW) online exposed to hack

Webinars

Trending Sources

Zyxel fixed a critical RCE flaw in its firewall devices and urges customers to install the patches

Webinars

CISA adds CVE-2022-30525 flaw in Zyxel Firewalls to its Known Exploited Vulnerabilities Catalog

Zyxel fixed firewall unauthenticated remote command injection issue

Fortinet urges to patch the critical RCE flaw CVE-2023-27997 in Fortigate firewalls

Attacks against Denmark ‘s energy sector were not carried out by Russia-linked APT

Zyxel addressed a critical RCE flaw in its NAS devices

Alfer Microsoft, also SonicWall confirmed that its products were affected by Y2K22 bug

China-linked APT likely linked to Fortinet zero-day attacks

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Top 6 Rootkit Threats and How to Protect Yourself

Security Affairs newsletter Round 450 by Pierluigi Paganini – INTERNATIONAL EDITION

Attackers are actively targeting critical RCE bug in SonicWall Secure Mobile Access

US dismantled the Russia-linked Cyclops Blink botnet

Daixin Team targets health organizations with ransomware, US agencies warn

Cyber Security Roundup for June 2021

Stay Connected