eSecurity Planet

SEPTEMBER 5, 2023

August 28, 2023 Ransomware Group Exploits Citrix NetScaler Vulnerability In July, Citrix released a patch for a critical remote code execution vulnerability ( CVE-2023-3519 ), which affected the company’s NetScaler ADC and NetScaler Gateway products and carried a severity rating of 9.8 out of 10 on the CVSS vulnerability scale.

VPN 103

VPN Authentication Ransomware Antivirus 103

Malwarebytes

OCTOBER 31, 2023

Tech company F5 has warned customers about a critical authentication bypass vulnerability impacting its BIG-IP product line that could result in unauthenticated remote code execution. This CVEs is listed as: CVE-2023-46747 ( CVSS score 9.8 F5 provides services focused on security, reliability, and performance. ENG) 16.1.0 – 16.1.4

Authentication 81

Authentication DDOS Firewall Software 81

Security Boulevard

JUNE 9, 2023

On 31-May-2023, Progress Software disclosed a critical vulnerability CVE-2023-34362 in the MOVEit application. Once the malicious webshell is installed, it creates a random 36 characters long password which later is used for the authentication purpose. This ASPX file stages an SQL database account to be used for further access.

Software 103

Software Internet Internet Authentication 103

eSecurity Planet

SEPTEMBER 26, 2023

SD-WAN integration with the SASE controller for Meraki, Catalyst, and others Cisco Umbrella SIG unifies firewall, SWG, DNS-layer security, CASB, and threat intelligence functions into a single and well-tested cloud service. Cisco+ Secure Connect Platform Cisco+ Secure Connect strives to provide a turnkey SASE solution for a variety of needs.

Firewall 98

Firewall DNS Architecture Technology 98

eSecurity Planet

SEPTEMBER 26, 2023

Physical appliances provide functionality for routing wide area networks (WANs), stateful firewalls, SD-WANs, NGFW, antivirus, intrusion prevention services (IPS), and unified threat management (UTM) capabilities for local networks.

Firewall 98

Firewall Software Antivirus Internet 98

eSecurity Planet

AUGUST 14, 2023

August 12 , 2023 Ford Auto’s TI Wi-Fi Vulnerability The Internet of Things (IoT) continues to expand and become a threat to connected businesses. While the infotainment system is supposedly firewalled from steering, throttling, and braking, attached devices may not be fully secured against communication via Wi-Fi.

Software 98

Software Malware Internet Internet 98

SecureList

JULY 19, 2023

On March 14, 2023, Microsoft published a blogpost describing an Outlook Client Elevation of Privilege Vulnerability (CVSS: 9.8 While the threat actor infrastructure might request Net-NTLMv2 authentication, Windows will honor the defined internet security zones and will not send (leak) Net-NTLMv2 hashes.

Firmware 90

Firmware Internet Internet Government 90

Malwarebytes

MAY 15, 2023

This means that Federal Civilian Executive Branch (FCEB) agencies need to remediate these vulnerabilities by June 2, 2023. The Ruckus vulnerability is listed under CVE-2023-25717 , which indicates that Ruckus Wireless Access Point software contains a vulnerability in its web services component.

Wireless 94

Wireless Firewall Internet Internet 94

The Last Watchdog

NOVEMBER 12, 2023

I recently discussed the current state of tech standards with DigiCert’s Mike Nelson , Global Vice President of Digital Trust and, Dean Coclin , Senior Director of Trust Services, at DigiCert Trust Summit 2023. Matter works much the way website authentication and website traffic encryption gets executed. identification.”

Manufacturing 276

Manufacturing Authentication Marketing Encryption 276

eSecurity Planet

APRIL 15, 2024

You can strengthen your cybersecurity defenses by using reliable antivirus software, firewalls, intrusion detection systems, and virtual private networks (VPNs). Employ robust password management techniques, two-factor authentication (2FA), and regular backups of essential data.

Firewall 107

Firewall VPN Software Risk 107

Security Affairs

JANUARY 14, 2024

Forescout experts questioned the attribution of cyber attacks that targeted the energy sector in Denmark in 2023 to the Russia-linked Sandworm. Forescout experts shared findings from their analysis of the cyber attacks that targeted the energy sector in Denmark in 2023, attributing them to the Russia-linked Sandworm. through 5.35.

Firewall 99

Firewall Firmware Cyber Attacks VPN 99

eSecurity Planet

SEPTEMBER 25, 2023

Founded in 2004, Cloudflare initially wanted to determine the source of email spam and became dedicated to building a better, more secure internet. Customers on this tier will receive Logpush to security incident and event management (SIEM) tools or cloud storage and certificate-based mTLS Authentication for internet of things (IoT) devices.

DNS 98

DNS DDOS IoT Firewall 98

Krebs on Security

JUNE 15, 2023

government agency in charge of improving the nation’s cybersecurity posture is ordering all federal agencies to take new measures to restrict access to Internet-exposed networking equipment. “This is reachable pre-authentication, on every SSL VPN appliance,” French vulnerability researcher Charles Fol tweeted.

Risk 221

Risk VPN Internet Internet 221

Cisco Security

AUGUST 24, 2023

Cisco is aware of reports that Akira ransomware threat actors have been targeting Cisco VPNs that are not configured for multi-factor authentication to infiltrate organizations, and we have observed instances where threat actors appear to be targeting organizations that do not configure multi-factor authentication for their VPN users.

Authentication 56

Authentication Ransomware VPN Passwords 56

SecureList

SEPTEMBER 21, 2023

We conducted an analysis of the IoT threat landscape for 2023, as well as the products and services offered on the dark web related to hacking connected devices. In the first half of 2023, 97.91% of password brute-force attempts registered by our honeypots targeted Telnet, and only 2.09%, SSH.

IoT 92

IoT DDOS Passwords Malware 92

eSecurity Planet

APRIL 29, 2024

An old Microsoft Windows spooler flaw is added to the CISA KEV list, and the Cactus Ransomware gang currently pursues unfixed Qlik Sense servers with a vulnerability patched in September 2023. Both new and old vulnerabilities can enable an attacker with suitable skills to exploit them, regardless of the CVS score severity.

Firewall 110

Firewall Software Ransomware Penetration Testing 110

eSecurity Planet

JULY 19, 2023

AWS quotes Reblaze pricing starting at $5,440 a month for comprehensive web application protection, including API, web application firewall and DDoS protection. They monitor API traffic, detect anomalies, enforce policies, and provide security measures such as authentication, authorization, and encryption.

Small Business 98

Small Business Threat Detection Firewall Software 98

Security Affairs

NOVEMBER 14, 2023

The attackers exploited zero-day vulnerabilities in Zyxel firewalls used by many critical infrastructure operators in Denmark. On April 25, 2023, Zyxel disclosed a critical vulnerability (CVSS score 9.8), tracked as CVE-2023-28771 , in a number of their firewalls. through 4.73, VPN series firmware versions 4.60

Cyber Attacks 108

Cyber Attacks Firmware Firewall VPN 108

SecureList

NOVEMBER 14, 2022

We polled our experts from the GReAT team and have gathered a small number of key insights about what APT actors are likely to focus on in 2023. Okta is a widely used authentication services provider, and it is safe to assume that a hacker controlling their network would be able to infect any of their customers.

Firmware 111

Firmware Surveillance Mobile Telecommunications 111

Security Affairs

APRIL 5, 2023

.” The researchers reported the issues to the United States Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA), which assigned the following five CVEs: Use of Hard-coded Credentials CWE-798 ( CVE-2023–1748 , CVSS3.0: Authorization Bypass Through User-Controlled Key CWE-639 ( CVE-2023–1749 , CVSS3.0:

Manufacturing 89

Manufacturing Media Firewall Education 89

eSecurity Planet

MARCH 16, 2023

Microsoft’s Patch Tuesday for March 2023 includes patches for more than 70 vulnerabilities, including zero-day flaws in Outlook and in Windows SmartScreen. Critical Outlook Zero-Day The Outlook zero-day, CVE-2023-23397 , with a critical CVSS score of 9.8, is being actively exploited.

Energy and Utilities 98

Energy and Utilities Authentication Firewall Engineering 98

Security Affairs

JANUARY 13, 2024

Akira ransomware targets Finnish organizations GitLab fixed a critical zero-click account hijacking flaw Juniper Networks fixed a critical RCE bug in its firewalls and switches Vast Voter Data Leaks Cast Shadow Over Indonesia ’s 2024 Presidential Election Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467 Team Liquid’s wiki leak exposes (..)

VPN 103

VPN Cybercrime Ransomware Hacking 103

Malwarebytes

APRIL 25, 2023

A recent check in security tool Shodan's search functionality highlights roughly 1,700 software instances currently exposed to the internet. Exploits The two exploits in question are: CVE-2023-27350 : This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 Build 63914).

Authentication 85

Authentication Firewall Ransomware Software 85

Security Boulevard

FEBRUARY 2, 2024

Introduction Ivanti, an IT management and security company, has issued a warning about multiple zero-day vulnerabilities in its VPN products exploited by Chinese state-backed hackers since December 2023. Recommendations For CVE-2023-46805 and CVE-2023-21887 Apply the patch: Ivanti released a patch to address the initial two vulnerabilities.

VPN 64

VPN Risk Architecture Firewall 64

eSecurity Planet

DECEMBER 8, 2023

Domain name service (DNS) attacks threaten every internet connection because they can deny, intercept, and hijack connections. With the internet playing an increasing role in business, securing DNS plays a critical role in both operations and security. Firewalls should be hardened to close unneeded ports.

DNS 111

DNS DDOS Firewall Architecture 111

eSecurity Planet

JANUARY 22, 2024

The vulnerability also exists on GitHub Enterprise Server, but it can only be exploited by an authenticated user with an organization owner role. The authenticated user must also be logged into an account on an instance of GHES. Affected keys included some encryption keys and the GitHub commit signing key. and later releases of 13.1

Authentication 111

Authentication Malware VPN Mobile 111

eSecurity Planet

SEPTEMBER 26, 2023

Palo Alto is a top cybersecurity company that pioneered firewall technology and continues to focus on market leadership. Prisma SASE Palo Alto’s Prisma SASE solution is the only company recognized as a Leader in Gartner’s 2023 Magic Quadrant for Single-Vendor SASE. You can unsubscribe at any time.

Artificial Intelligence 52

Artificial Intelligence Marketing DNS IoT 52

Cisco Security

AUGUST 28, 2023

XDR (eXtended Detection and Response) Integrations At Black Hat USA 2023, Cisco Secure was the official Mobile Device Management, DNS (Domain Name Service) and Malware Analysis Provider. We appreciate alphaMountain.ai , Pulsedive and Recorded Future donating full licenses to the Black Hat USA 2023 NOC. Hunter summer camp is back.

Wireless 61

Wireless DNS Mobile Technology 61

eSecurity Planet

MAY 2, 2024

The 2023 vendor surveys arriving this quarter paint a picture of a cybersecurity landscape under attack, with priority issues affecting deployment, alert response, and exposed vulnerabilities. Sophos: Noted that 43% of all 2023 malware signature updates are for stealers, spyware, and keyloggers often used to steal credentials from devices.

Cybersecurity 119

Cybersecurity DDOS Penetration Testing Passwords 119

eSecurity Planet

MAY 19, 2023

Authentication: Ensures that users or entities are verified and granted appropriate access based on their identity. Perhaps more comprehensive than some organizations are looking for, Qualys’ security coverage is as complete as it gets.

Software 103

Software Risk Encryption Marketing 103

Security Boulevard

JANUARY 2, 2024

While the “prediction season” gains momentum, it's pivotal to reflect on the high impact of the 2023 cybersecurity landscape. Let's delve into the rewind of 2023, exploring five influential trends and threats that molded the cyberthreat landscape and are poised to resonate throughout enterprises in 2024.

CISO 104

CISO Social Engineering Architecture Ransomware 104

eSecurity Planet

MARCH 4, 2024

February 27, 2024 Ransomware Gangs Target Unpatched ScreenConnect Servers Type of vulnerability: Authentication bypass and path traversal. Azure-Connected IoT Vulnerable to Remote Code Execution Type of vulnerability: Internet of things (IoT) RCE vulnerability.

IoT 114

IoT Internet Internet Ransomware 114

eSecurity Planet

MARCH 14, 2023

When the internet arrived, the network added a firewall to protect networks and users as they connected to the world wide web. The internet of things (IoT), operations technology (OT), and the industrial internet of things (IIoT) also now connect to networks. In a complex, modern network, this assumption falls apart.

Network Security 98

Network Security Firewall Penetration Testing Encryption 98

Security Affairs

MARCH 21, 2023

The hackers were also able to turn off the two-factor authentication (2FA). On March 17-18th, 2023, GENERAL BYTES experienced a security incident. “Please keep your CAS behind a firewall and VPN. With VPN/Firewall attackers from open internet cannot access your server and exploit it.

Cryptocurrency 78

Cryptocurrency VPN Manufacturing Firewall 78

Thales Cloud Protection & Licensing

OCTOBER 11, 2023

Protect Your Organization from Cybercrime-as-a-Service Attacks madhav Thu, 10/12/2023 - 04:53 In years gone by, only large enterprises needed to be concerned with cybercrime. Budding cybercriminals now only need a rudimentary understanding of cybersecurity, access to the internet, and a few dollars in their pocket to initiate an attack.

Cybercrime 77

Cybercrime Encryption DDOS Backups 77

SecureList

MAY 7, 2024

In 2021 and 2022, the share of critical vulnerabilities among the total number was comparable, but it increased during the periods from 2019 through 2021 and from 2022 through 2023. The year 2023 was notable for a record number of critical vulnerabilities discovered in software.

Software 85

Software Internet Internet Social Engineering 85

eSecurity Planet

APRIL 22, 2024

If updates can’t be performed immediately, consider deploying additional security controls or at least disconnecting vulnerable devices from direct internet access. April 13, 2024 Delinea Secret Server Patched After Researcher’s Public Disclosure Type of vulnerability: Authentication bypass.

Authentication 60

Authentication Firewall Encryption Cybersecurity 60