Security Affairs

MAY 25, 2023

Zyxel fixed two critical flaws in multiple firewall and VPN products that can lead to remote code execution or cause a DoS condition. Zyxel addressed two critical buffer overflow vulnerabilities, tracked as CVE-2023-33009 and CVE-2023-33010 , that affect several of its firewall and VPN products. Patch 1 ZLD V5.36

Firewall 94

Firewall VPN Authentication Hacking 94

The Hacker News

JUNE 11, 2023

Fortinet has released patches to address a critical security flaw in its FortiGate firewalls that could be abused by a threat actor to achieve remote code execution.

Firewall 99

Firewall VPN Authentication 99

Security Affairs

AUGUST 28, 2023

Researchers published a PoC exploit code for Juniper SRX firewall flaws that can be chained to gain RCE in Juniper’s JunOS. watchTowr Labs security researchers published a proof-of-concept exploit (PoC) exploit code for vulnerabilities in Juniper SRX firewalls. In mid-August, Juniper addressed four medium-severity (CVSS 5.3)

Firewall 87

Firewall Authentication Hacking Information Security 87

The Hacker News

NOVEMBER 30, 2023

Zyxel has released patches to address 15 security issues impacting network-attached storage (NAS), firewall, and access point (AP) devices, including three critical flaws that could lead to authentication bypass and command injection.

Firewall 87

Firewall Authentication 87

Security Affairs

JUNE 13, 2023

Fortinet addressed a new critical flaw, tracked as CVE-2023-27997, in FortiOS and FortiProxy that is likely exploited in a limited number of attacks. Fortinet has finally published an official advisory about the critical vulnerability, tracked as CVE-2023-27997 (CVSS score: 9.2), impacting FortiOS and FortiProxy. through 6.2.13

Firewall 83

Firewall VPN Firmware Manufacturing 83

Security Affairs

JUNE 20, 2023

Zyxel released security updates to address a critical security flaw, tracked as CVE-2023-27992 (CVSS score: 9.8), affecting its network-attached storage (NAS) devices. The vulnerability is a pre-authentication command injection issue that impacts the Zyxel NAS326 firmware versions prior to V5.21(AAZF.14)C0, in its firewall devices.

Firmware 89

Firmware Firewall Authentication VPN 89

Security Affairs

JUNE 12, 2023

Fortinet released security updates to fix a critical security flaw in its FortiGate firewalls that lead to remote code execution. Fortinet has released security patches to address a critical security vulnerability, tracked as CVE-2023-27997, in its FortiGate firewalls. ” reads the advisory.

Firewall 83

Firewall VPN Authentication Media 83

eSecurity Planet

DECEMBER 18, 2023

December 11, 2023 Sonar Finds Three Vulnerabilities in Open-Source Firewall pfSense Type of vulnerability: Cross-site scripting and command injection. NIST has cataloged the three vulnerabilities as CVE-2023-42325 , CVE-2023-42327 , and CVE-2023-42326. pfSense CE 2.7.0 and below and pfSense Plus 23.05.1

Backups 103

Backups Firewall Engineering Software 103

SecureList

MARCH 12, 2024

Profile of participants and applications We collected the data from a sample of the application security assessment projects our team completed in 2021–2023. Broken Authentication 5. Broken Authentication 5. Mitigation: implement authentication and authorization controls according to the role-based access model.

Passwords 99

Passwords Authentication Architecture Risk 99

eSecurity Planet

OCTOBER 11, 2023

Microsoft’s Patch Tuesday for October 2023 covers a total of 103 CVEs, including three zero-day vulnerabilities affecting WordPad, Skype and the HTTP/2 “ Rapid Reset ” DDoS vulnerability. CVE-2023-41763 , an elevation of privilege vulnerability in Skype for Business with a CVSS score of 5.3

DDOS 101

DDOS Engineering Authentication Social Engineering 101

Malwarebytes

OCTOBER 31, 2023

Tech company F5 has warned customers about a critical authentication bypass vulnerability impacting its BIG-IP product line that could result in unauthenticated remote code execution. This CVEs is listed as: CVE-2023-46747 ( CVSS score 9.8 F5 provides services focused on security, reliability, and performance. ENG) 16.1.0 – 16.1.4

Authentication 77

Authentication DDOS Firewall Software 77

eSecurity Planet

SEPTEMBER 5, 2023

August 28, 2023 Ransomware Group Exploits Citrix NetScaler Vulnerability In July, Citrix released a patch for a critical remote code execution vulnerability ( CVE-2023-3519 ), which affected the company’s NetScaler ADC and NetScaler Gateway products and carried a severity rating of 9.8 out of 10 on the CVSS vulnerability scale.

VPN 96

VPN Authentication Ransomware Antivirus 96

eSecurity Planet

AUGUST 28, 2023

August 21, 2023 Ivanti finds another vulnerability For the third time in a month, Ivanti’s has reported a vulnerability in a mobile device management platform. The latest — CVE-2023-38035 — affects the Sentry secure mobile gateway, part of Ivanti’s UEM platform and is being exploited as a zero-day.

VPN 87

VPN Authentication Mobile Firewall 87

Security Affairs

APRIL 28, 2024

“Luckily, I was able to get access to the latest version of SANnav in May 2023 (the latest version was 2.2.2 “Luckily, I was able to get access to the latest version of SANnav in May 2023 (the latest version was 2.2.2 version was sent to Brocade PSIRT in May 2023 and they finally aknowledged the vulnerabilities.

Firewall 108

Firewall Authentication Architecture Backups 108

The Hacker News

JULY 12, 2023

SonicWall on Wednesday urged customers of Global Management System (GMS) firewall management and Analytics network reporting engine software to apply the latest fixes to secure against a set of 15 security flaws that could be exploited by a threat actor to circumvent authentication and access sensitive information.

Network Security 96

Network Security Firewall Engineering Authentication 96

Security Boulevard

JUNE 9, 2023

On 31-May-2023, Progress Software disclosed a critical vulnerability CVE-2023-34362 in the MOVEit application. Once the malicious webshell is installed, it creates a random 36 characters long password which later is used for the authentication purpose. This ASPX file stages an SQL database account to be used for further access.

Software 103

Software Internet Internet Authentication 103

eSecurity Planet

AUGUST 28, 2023

August 21, 2023 Ivanti finds another vulnerability For the third time in a month, Ivanti’s has reported a vulnerability in a mobile device management platform. The latest — CVE-2023-38035 — affects the Sentry secure mobile gateway, part of Ivanti’s UEM platform and is being exploited as a zero-day.

VPN 70

VPN Authentication Mobile Firewall 70

The Last Watchdog

MARCH 4, 2024

A recent study found only 27% of charities undertook risk assessments in 2023 and only 11% said they reviewed risks posed by suppliers. Investing in top-notch firewalls is also essential, as they serve as the first line of defense against external threats. Strengthen authentication. Keep software updated. Train staff regularly.

Social Engineering 213

Social Engineering Risk Cybersecurity Authentication 213

Security Affairs

AUGUST 30, 2023

Threat actors started using the exploit chain in attacks on Juniper EX switches and SRX firewalls shortly after the release of the PoC code. This week, watchTowr Labs security researchers published a proof-of-concept exploit (PoC) exploit code for vulnerabilities in Juniper SRX firewalls. reads the advisory published by Juniper.

Firewall 105

Firewall Authentication Hacking Information Security 105

CyberSecurity Insiders

JANUARY 6, 2023

Here are some API security predictions for 2023: Prediction #1: There will be a major API security breach that forces faster regulatory action. In 2023, we expect that these regulators will increase their expectations around financial institutions’ API security. That choice will become increasingly important in 2023.

CISO 118

CISO Financial Services Risk Unstructured Data 118

Security Affairs

JULY 13, 2023

SonicWall fixed multiple critical vulnerabilities impacting its GMS firewall management and Analytics management and reporting engine. SonicWall addressed multiple critical vulnerabilities in its Global Management System (GMS) firewall management and Analytics network management and reporting engine. R7 and before ● Analytics 2.5.2

Firewall 85

Firewall Authentication Engineering Passwords 85

eSecurity Planet

APRIL 15, 2024

You can strengthen your cybersecurity defenses by using reliable antivirus software, firewalls, intrusion detection systems, and virtual private networks (VPNs). Employ robust password management techniques, two-factor authentication (2FA), and regular backups of essential data.

Firewall 99

Firewall VPN Software Risk 99

SecureList

JULY 19, 2023

On March 14, 2023, Microsoft published a blogpost describing an Outlook Client Elevation of Privilege Vulnerability (CVSS: 9.8 While the threat actor infrastructure might request Net-NTLMv2 authentication, Windows will honor the defined internet security zones and will not send (leak) Net-NTLMv2 hashes.

Firmware 85

Firmware Internet Internet Government 85

Cisco Security

AUGUST 24, 2023

Cisco is aware of reports that Akira ransomware threat actors have been targeting Cisco VPNs that are not configured for multi-factor authentication to infiltrate organizations, and we have observed instances where threat actors appear to be targeting organizations that do not configure multi-factor authentication for their VPN users.

Authentication 60

Authentication Ransomware VPN Passwords 60

eSecurity Planet

AUGUST 14, 2023

August 12 , 2023 Ford Auto’s TI Wi-Fi Vulnerability The Internet of Things (IoT) continues to expand and become a threat to connected businesses. While the infotainment system is supposedly firewalled from steering, throttling, and braking, attached devices may not be fully secured against communication via Wi-Fi.

Software 87

Software Malware Internet Internet 87

Security Affairs

JUNE 29, 2023

A critical authentication bypass flaw in miniOrange’s WordPress Social Login and Register plugin, can allow gaining access to any account on a site. The flaw, tracked as CVE-2023-2982 (CVSS Score : 9.8) May 30, 2023 – We initiate contact with the plugin vendor asking that they confirm the inbox for handling the discussion.

Firewall 84

Firewall Authentication Encryption Accountability 84

Security Affairs

JANUARY 19, 2024

China-linked group UNC3886 has been exploiting vCenter Server zero-day vulnerability CVE-2023-34048 since at least late 2021. Mandiant researchers reported that China-linked APT group UNC3886 has been exploiting vCenter Server zero-day vulnerability CVE-2023-34048 since at least late 2021. ” reads the advisory.

Firewall 112

Firewall Accountability Malware Authentication 112

The Last Watchdog

NOVEMBER 12, 2023

I recently discussed the current state of tech standards with DigiCert’s Mike Nelson , Global Vice President of Digital Trust and, Dean Coclin , Senior Director of Trust Services, at DigiCert Trust Summit 2023. Matter works much the way website authentication and website traffic encryption gets executed. identification.”

Manufacturing 276

Manufacturing Authentication Marketing Encryption 276

SecureList

SEPTEMBER 21, 2023

We conducted an analysis of the IoT threat landscape for 2023, as well as the products and services offered on the dark web related to hacking connected devices. In the first half of 2023, 97.91% of password brute-force attempts registered by our honeypots targeted Telnet, and only 2.09%, SSH.

IoT 86

IoT DDOS Passwords Malware 86

Malwarebytes

MAY 15, 2023

This means that Federal Civilian Executive Branch (FCEB) agencies need to remediate these vulnerabilities by June 2, 2023. The Ruckus vulnerability is listed under CVE-2023-25717 , which indicates that Ruckus Wireless Access Point software contains a vulnerability in its web services component.

Wireless 90

Wireless Firewall Internet Internet 90

eSecurity Planet

APRIL 29, 2024

An old Microsoft Windows spooler flaw is added to the CISA KEV list, and the Cactus Ransomware gang currently pursues unfixed Qlik Sense servers with a vulnerability patched in September 2023. Both new and old vulnerabilities can enable an attacker with suitable skills to exploit them, regardless of the CVS score severity.

Firewall 93

Firewall Software Ransomware Penetration Testing 93

Malwarebytes

JANUARY 12, 2024

Take for example the vulnerability that has been added to the CISA catalog: CVE-2023-23752 was reported, and a fix was created in February 2023. Secure accounts with two-factor authentication ( 2FA ). Use a Web Application Firewall (WAF). But here we are, active exploitation is upon us.

Passwords 129

Passwords Firewall Marketing Authentication 129

Security Affairs

AUGUST 27, 2023

Below is the list of flaws addressed by the vendor as part of the company’s semiannual FXOS and NX-OS Software Security Advisory Bundled Publication on August 23, 2023. NX-OS Software Nexus 3000 Series Switches, Nexus 9000 Series Switches Cisco FXOS Software Arbitrary File Write Vulnerability CVE-2023-20234 Medium 4.4

Software 81

Software Authentication Firewall Hacking 81

eSecurity Planet

MARCH 16, 2023

Microsoft’s Patch Tuesday for March 2023 includes patches for more than 70 vulnerabilities, including zero-day flaws in Outlook and in Windows SmartScreen. Critical Outlook Zero-Day The Outlook zero-day, CVE-2023-23397 , with a critical CVSS score of 9.8, is being actively exploited.

Energy and Utilities 92

Energy and Utilities Authentication Firewall Engineering 92

Malwarebytes

APRIL 25, 2023

Failure to apply the remediations may risk remote code execution, escalation of privileges, or authentication bypass, which could result in execution of malicious web code or loss of device functionality. The CVEs patched in these updates are: CVE-2023-29411 CVSS score 9.8 CVE-2023-29412 CVSS score 9.8

Software 75

Software Authentication Firewall Risk 75

Security Affairs

JANUARY 13, 2024

Akira ransomware targets Finnish organizations GitLab fixed a critical zero-click account hijacking flaw Juniper Networks fixed a critical RCE bug in its firewalls and switches Vast Voter Data Leaks Cast Shadow Over Indonesia ’s 2024 Presidential Election Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467 Team Liquid’s wiki leak exposes (..)

VPN 107

VPN Cybercrime Ransomware Hacking 107

eSecurity Planet

APRIL 14, 2023

Cloudflare’s bot management solution is integrated with its Content Delivery Network (CDN) and web application firewall , which allows for more comprehensive protection against bot attacks. The company also offers a range of additional cybersecurity solutions, including DDoS protection, web application firewalls, and DNS services.

Software 96

Software DDOS Accountability Firewall 96