Security Affairs

APRIL 24, 2024

Nation-state actor UAT4356 has been exploiting two zero-days in ASA and FTD firewalls since November 2023 to breach government networks. By redirecting the pointer to the Line Dancer interpreter, attackers can interact with the device through POST requests without authentication.

Firewall 105

Firewall Government VPN Authentication 105

Security Affairs

JUNE 12, 2023

Fortinet released security updates to fix a critical security flaw in its FortiGate firewalls that lead to remote code execution. Fortinet has released security patches to address a critical security vulnerability, tracked as CVE-2023-27997, in its FortiGate firewalls. Patch your #Fortigate. ” reads the advisory.

Firewall 85

Firewall VPN Authentication Media 85

eSecurity Planet

JANUARY 16, 2024

Keep an eye out for security announcements from your firewall vendors; it’s possible additional similar vulnerabilities will come to light. The problem: Juniper Networks released a bulletin about a remote code execution vulnerability in its SRX firewalls and EX switches. The vulnerability can be tracked as CVE-2023-29357.

Firewall 109

Firewall Firmware IoT Authentication 109

Security Affairs

JUNE 20, 2023

Zyxel released security updates to address a critical security flaw, tracked as CVE-2023-27992 (CVSS score: 9.8), affecting its network-attached storage (NAS) devices. The vulnerability is a pre-authentication command injection issue that impacts the Zyxel NAS326 firmware versions prior to V5.21(AAZF.14)C0, in its firewall devices.

Firmware 91

Firmware Firewall Authentication VPN 91

eSecurity Planet

SEPTEMBER 5, 2023

August 28, 2023 Ransomware Group Exploits Citrix NetScaler Vulnerability In July, Citrix released a patch for a critical remote code execution vulnerability ( CVE-2023-3519 ), which affected the company’s NetScaler ADC and NetScaler Gateway products and carried a severity rating of 9.8 out of 10 on the CVSS vulnerability scale.

VPN 104

VPN Authentication Ransomware Antivirus 104

eSecurity Planet

AUGUST 28, 2023

August 21, 2023 Ivanti finds another vulnerability For the third time in a month, Ivanti’s has reported a vulnerability in a mobile device management platform. The latest — CVE-2023-38035 — affects the Sentry secure mobile gateway, part of Ivanti’s UEM platform and is being exploited as a zero-day.

VPN 98

VPN Authentication Mobile Firewall 98

eSecurity Planet

AUGUST 28, 2023

August 21, 2023 Ivanti finds another vulnerability For the third time in a month, Ivanti’s has reported a vulnerability in a mobile device management platform. The latest — CVE-2023-38035 — affects the Sentry secure mobile gateway, part of Ivanti’s UEM platform and is being exploited as a zero-day.

VPN 95

VPN Authentication Mobile Firewall 95

eSecurity Planet

APRIL 15, 2024

Threats range from severe weaknesses in Ivanti’s VPN appliances to zero-day exploits in popular software such as Palo Alto Networks’ PAN-OS and Telegram’s Windows client. You can strengthen your cybersecurity defenses by using reliable antivirus software, firewalls, intrusion detection systems, and virtual private networks (VPNs).

Firewall 109

Firewall VPN Software Risk 109

Cisco Security

AUGUST 24, 2023

Cisco is aware of reports that Akira ransomware threat actors have been targeting Cisco VPNs that are not configured for multi-factor authentication to infiltrate organizations, and we have observed instances where threat actors appear to be targeting organizations that do not configure multi-factor authentication for their VPN users.

Authentication 56

Authentication Ransomware VPN Passwords 56

Krebs on Security

JUNE 15, 2023

The directive applies to any networking devices — such as firewalls, routers and load balancers — that allow remote authentication or administration. The researchers found that just being able to reach the management interface for a vulnerable Fortinet SSL VPN appliance was enough to completely compromise the devices.

Risk 221

Risk VPN Internet Internet 221

Security Affairs

JANUARY 13, 2024

Akira ransomware targets Finnish organizations GitLab fixed a critical zero-click account hijacking flaw Juniper Networks fixed a critical RCE bug in its firewalls and switches Vast Voter Data Leaks Cast Shadow Over Indonesia ’s 2024 Presidential Election Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467 Team Liquid’s wiki leak exposes (..)

VPN 107

VPN Cybercrime Ransomware Hacking 107

eSecurity Planet

FEBRUARY 12, 2024

February 5, 2024 JetBrains TeamCity Saga Continues with Another Server Vulnerability Type of vulnerability: Authentication bypass by an unauthenticated attacker. The RCE vulnerability is tracked as CVE-2023-40547 and has a severity rating of 8.3. Both vulnerabilities affected authenticated users of Apache Oozie and Apache Ambari.

VPN 109

VPN Authentication Software Firewall 109

Security Affairs

APRIL 25, 2024

By redirecting the pointer to the Line Dancer interpreter, attackers can interact with the device through POST requests without authentication. Additionally, Line Dancer hooks into the crash dump and AAA processes to evade forensic analysis and establish remote access VPN tunnels.

VPN 109

VPN Software Firewall Authentication 109

SecureList

SEPTEMBER 21, 2023

We conducted an analysis of the IoT threat landscape for 2023, as well as the products and services offered on the dark web related to hacking connected devices. In the first half of 2023, 97.91% of password brute-force attempts registered by our honeypots targeted Telnet, and only 2.09%, SSH.

IoT 101

IoT DDOS Passwords Malware 101

eSecurity Planet

JANUARY 22, 2024

The vulnerability also exists on GitHub Enterprise Server, but it can only be exploited by an authenticated user with an organization owner role. The authenticated user must also be logged into an account on an instance of GHES. Affected keys included some encryption keys and the GitHub commit signing key. and later releases of 13.1

Authentication 113

Authentication Malware VPN Mobile 113

eSecurity Planet

MARCH 16, 2023

Microsoft’s Patch Tuesday for March 2023 includes patches for more than 70 vulnerabilities, including zero-day flaws in Outlook and in Windows SmartScreen. Critical Outlook Zero-Day The Outlook zero-day, CVE-2023-23397 , with a critical CVSS score of 9.8, is being actively exploited.

Energy and Utilities 98

Energy and Utilities Authentication Firewall Engineering 98

Security Affairs

MARCH 21, 2023

The hackers were also able to turn off the two-factor authentication (2FA). On March 17-18th, 2023, GENERAL BYTES experienced a security incident. “Please keep your CAS behind a firewall and VPN. Terminals should also connect to CAS via VPN.

Cryptocurrency 81

Cryptocurrency VPN Manufacturing Firewall 81

SecureList

APRIL 22, 2024

Diagram of SSH tunnel creation SoftEther VPN The next tool that the attackers used for tunneling was the server utility (VPN Server) from the SoftEther VPN package. To launch the VPN server, the attackers used the following files: vpnserver_x64.exe IP Country + ASN Net name Net Description Address Email 103.27.202[.]85

VPN 122

VPN Passwords Encryption Malware 122

eSecurity Planet

MARCH 19, 2024

The problem: The FortiOS SSL VPN feature vulnerability, CVE-2024-21762, disclosed February 8th , remains exposed to attack on nearly 150,000 devices according to the ShadowServer Foundation website. The fix: Fortinet advised users to disable SSL VPN until their FortiOS and FortiProxy deployments can be upgraded.

Authentication 119

Authentication VPN Software DDOS 119

Security Affairs

NOVEMBER 15, 2023

The report includes IOCs and TTPs identified through investigations as recently as September 2023. The Rhysida ransomware group has been active since May 2023, according to the gang’s Tor leak site, at least 62 companies are victims of the operation. VPNs, RDPs) to gain initial access to the target network and maintain persistence.

Ransomware 115

Ransomware Manufacturing Healthcare Education 115

eSecurity Planet

APRIL 14, 2023

Features Automated threat responses to indicators of compromise Centralized visibility and policy management of all endpoints — workstations, laptops, and internet of things (IoT) devices Bidirectional third party integration to improve security and auditing Firewalls: Checkpoint, Fortinet, Juniper, Palo Alto Networks, etc.

IoT 98

IoT VPN Firewall Authentication 98

The Last Watchdog

MAY 14, 2021

Early SD-WAN solutions “were built only to replace an MPLS-VPN with an Internet-based VPN,” Ahuja says. The firewall emerged as the cornerstone around which companies were encouraged to pursue a so-called defense-in-depth strategy. Anti-virus suites morphed into endpoint detection systems. SASE fundamentals. Identity is vital.

Firewall 138

Firewall Mobile VPN Digital transformation 138

Security Boulevard

FEBRUARY 2, 2024

Introduction Ivanti, an IT management and security company, has issued a warning about multiple zero-day vulnerabilities in its VPN products exploited by Chinese state-backed hackers since December 2023. to gain access to ICS VPN appliances. to gain access to ICS VPN appliances.

VPN 62

VPN Risk Architecture Firewall 62

SiteLock

FEBRUARY 15, 2022

million in 2023. Web Application Firewall (WAF): WAFs protect customer websites against distributed denial-of-service (DDoS) attacks, where attackers band together to take a site down by disrupting its offered services. Meanwhile, Cisco estimates that the number of distributed denial-of-service (DDoS) attacks will nearly double from 7.8

DDOS 59

DDOS Backups Education Malware 59

eSecurity Planet

APRIL 17, 2023

It creates these profiles by pulling information from in-line network devices (firewalls, wireless routers, etc.), This article was originally written by Drew Robb on July 7, 2017, and updated by Chad Kime on April 17, 2023. existing identity access management tools (Active Directory, etc.),

IoT 98

IoT Wireless Malware Authentication 98

SecureWorld News

OCTOBER 30, 2023

According to Verizon's 2023 Data Breach Investigations Report (DBIR), a whopping 74% of breaches involve a human element, which is exactly what phishing aims to exploit. Speaking of which, security analysts from KnowBe4 have recently shared their findings regarding the top phishing schemes of Q2 2023.

Phishing 98

Phishing Scams Passwords Wireless 98

eSecurity Planet

SEPTEMBER 25, 2023

Customers on this tier will receive Logpush to security incident and event management (SIEM) tools or cloud storage and certificate-based mTLS Authentication for internet of things (IoT) devices. Subscribe The post Cloudflare One SASE Review & Features 2023 appeared first on eSecurity Planet. You can unsubscribe at any time.

DNS 98

DNS DDOS IoT Firewall 98

Cisco Security

AUGUST 28, 2023

XDR (eXtended Detection and Response) Integrations At Black Hat USA 2023, Cisco Secure was the official Mobile Device Management, DNS (Domain Name Service) and Malware Analysis Provider. We appreciate alphaMountain.ai , Pulsedive and Recorded Future donating full licenses to the Black Hat USA 2023 NOC. Hunter summer camp is back.

Wireless 60

Wireless DNS Mobile Technology 60

eSecurity Planet

MARCH 14, 2023

When the internet arrived, the network added a firewall to protect networks and users as they connected to the world wide web. Most network security vendors focus on providing hardware and software solutions to deliver technical controls that use applications to authorize, authenticate, facilitate, protect, and monitor networking traffic.

Network Security 98

Network Security Firewall Penetration Testing Encryption 98

eSecurity Planet

JUNE 8, 2023

Email Authentication Protocols: SPF, DKIM, DMARC The three mutually-reinforcing email authentication protocols, Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-based Message Authentication Reporting and Conformance (DMARC) verify the authenticity of emails.

Firewall 80

Firewall DNS Authentication Malware 80

Security Affairs

JANUARY 14, 2024

Forescout experts questioned the attribution of cyber attacks that targeted the energy sector in Denmark in 2023 to the Russia-linked Sandworm. Forescout experts shared findings from their analysis of the cyber attacks that targeted the energy sector in Denmark in 2023, attributing them to the Russia-linked Sandworm. through 5.35.

Firewall 102

Firewall Firmware Cyber Attacks VPN 102

eSecurity Planet

MARCH 28, 2023

Aruba ClearPass Policy Manager Aruba ClearPass provides role- and device-based network access control for employees, students, contractors and guests across any multi-vendor wired, wireless and VPN infrastructure. Applicable Metrics Aruba ClearPass is deployed in high-volume authentication environments (e.g. 30 points of presence).

Wireless 116

Wireless Authentication IoT VPN 116

eSecurity Planet

SEPTEMBER 26, 2023

Palo Alto is a top cybersecurity company that pioneered firewall technology and continues to focus on market leadership. Prisma SASE Palo Alto’s Prisma SASE solution is the only company recognized as a Leader in Gartner’s 2023 Magic Quadrant for Single-Vendor SASE. You can unsubscribe at any time.

Artificial Intelligence 52

Artificial Intelligence Marketing DNS IoT 52

Security Affairs

NOVEMBER 14, 2023

The attackers exploited zero-day vulnerabilities in Zyxel firewalls used by many critical infrastructure operators in Denmark. On April 25, 2023, Zyxel disclosed a critical vulnerability (CVSS score 9.8), tracked as CVE-2023-28771 , in a number of their firewalls. through 4.73, VPN series firmware versions 4.60

Cyber Attacks 112

Cyber Attacks Firmware Firewall VPN 112

eSecurity Planet

DECEMBER 8, 2023

DNS communicates in plain text and, without modification, DNS assumes that all information it receives is accurate, authentic, and authoritative. To protect the protocol, best practices will add additional protocols to the process that encrypt the DNS communication and authenticate the results.

DNS 113

DNS DDOS Firewall Architecture 113

NopSec

MAY 1, 2024

Palo Alto PanOS RCE CVE-2024-3400 It feels like the first quarter of 2024 has been defined by a string of SSL VPN command execution vulnerabilities and Palo Alto has jumped on the wagon. Researchers at Veloxity observed that clients were reporting breach incidents at their firewall end-points. You can guess where this is going.

Firewall 59

Firewall VPN Software Authentication 59

eSecurity Planet

DECEMBER 7, 2023

AES encryption can be commonly found in communication protocols, virtual private network (VPN) encryption, full-disk encryption, and Wi-Fi transmission protocols. Encryption protocols can also verify the authenticity of sources and prevent a sender from denying they were the origin of a transmission.

Encryption 113

Encryption Passwords IoT Firewall 113