Bleeping Computer

JULY 3, 2023

Hundreds of thousands of FortiGate firewalls are vulnerable to a critical security issue identified as CVE-2023-27997, almost a month after Fortinet released an update that addresses the problem. [.]

Firewall 142

Firewall 142

The Hacker News

SEPTEMBER 19, 2023

New research has found that close to 12,000 internet-exposed Juniper firewall devices are vulnerable to a recently disclosed remote code execution flaw. CVE-2023-36845 refers to a

Firewall 138

Firewall Internet Internet 138

SecureBlitz

AUGUST 10, 2023

Discover the features of next-generation firewalls in this 2023 guide. In 2023, the global average cost of a data breach due to cyber-attacks was USD 4.45 Understand how they contribute to stronger cybersecurity in the digital age. These numbers are expected to grow in the coming days.

Firewall 98

Firewall Cyber Attacks Data breaches Cybersecurity 98

Security Affairs

JANUARY 15, 2024

Researchers from Bishop Fox found over 178,000 SonicWall next-generation firewalls (NGFW) publicly exploitable. Despite a proof-of-concept exploit for the flaw CVE-2023-0656 was publicly released, the vendor is not aware of attack in the wild exploiting the vulnerabilities.

Firewall 144

Firewall Hacking Firmware Internet 144

The Hacker News

JULY 3, 2023

No less than 330000 FortiGate firewalls are still unpatched and vulnerable to CVE-2023-27997, a critical security flaw affecting Fortinet devices that have come under active exploitation in the wild. CVE-2023-27997

Firewall 105

Firewall VPN Internet Internet 105

Security Boulevard

JULY 9, 2023

Our thanks to BSides Knoxville for publishing their presenter’s outstanding BSides Knoxville 2023 content on the organizations’ YouTube channel. Permalink The post BSides Knoxville 2023 – Reanna Schultz – Social Engineering: Training The Human Firewall appeared first on Security Boulevard.

Social Engineering 96

Social Engineering Firewall Engineering CISO 96

Security Affairs

AUGUST 26, 2024

SonicWall addressed a critical flaw in its firewalls that could allow attackers to achieve unauthorized access to the devices. SonicWall has released security updates to address a critical vulnerability, tracked as CVE-2024-40766 (CVSS score: 9.3), in its firewalls. 13o Gen 6 Firewalls – 6.5.2.8-2n 5035 and older versions.”

Firewall 129

Firewall Firmware Malware Internet 129

Penetration Testing

MARCH 28, 2024

A newly discovered vulnerability in Imperva SecureSphere, a widely used on-premise Web Application Firewall (WAF), has the potential to expose organizations to devastating security breaches.

Penetration Testing 145

Penetration Testing Firewall 145

Security Affairs

DECEMBER 13, 2023

Sophos backports the patch for CVE-2022-3236 for end-of-life (EOL) firewall firmware versions due to ongoing attacks exploiting the issue. In December 2022, Sophos released security patches to address seven vulnerabilities in Sophos Firewall version 19.5 , including some arbitrary code execution bugs. reads the advisory.

Firmware 134

Firmware Firewall Internet Internet 134

Security Affairs

JULY 3, 2023

Researchers reported that there are 490,000 Fortinet firewalls exposing SSL VPN interfaces on the internet, and roughly 69% of them are still vulnerable to CVE-2023-27997. Bishop Fox’s Capability Development team built an exploit for the vulnerability CVE-2023-27997. ” states the analysis published by Bishop Fox.

Firewall 98

Firewall VPN Firmware Internet 98

Security Affairs

MAY 1, 2024

The experts noticed a spike in activity observed in September 2023. The threat actors appear to have the capability to control China’s Great Firewall and were observed utilizing a novel technique involving fake DNS MX records. However, the Infoblox researchers have yet to discover the motivation behind the attacks.

DNS 143

DNS Firewall DDOS Hacking 143

Penetration Testing

DECEMBER 31, 2023

PingRAT PingRAT secretly passes C2 traffic through firewalls using ICMP payloads.

Firewall 111

Firewall Penetration Testing 111

The Hacker News

APRIL 28, 2023

Networking equipment maker Zyxel has released patches for a critical security flaw in its firewall devices that could be exploited to achieve remote code execution on affected systems. The issue, tracked as CVE-2023-28771, is rated 9.8 Improper error message handling in some firewall versions on the CVSS scoring system.

Firewall 114

Firewall 114

Tech Republic Security

JUNE 8, 2023

The post Cisco LIVE 2023: AI and security platforms innovations take center stage appeared first on TechRepublic. At its annual customer event in Las Vegas, Cisco introduced AI-powered, cloud-based products that are designed to snap into its new Security Cloud platform like LEGO.

Artificial Intelligence 187

Artificial Intelligence Firewall Cybersecurity 187

The Last Watchdog

OCTOBER 23, 2024

INE Security advises businesses to secure their network by using firewalls, encrypting data, and regularly updating security software. The cost of ignoring such measures can be substantial, as noted in IBM’s 2023 Cost of a Data Breach Report, which found the average impact of a data breach on small businesses can exceed $3.31

Small Business 162

Small Business Data breaches Backups Passwords 162

Security Affairs

JUNE 13, 2023

Fortinet addressed a new critical flaw, tracked as CVE-2023-27997, in FortiOS and FortiProxy that is likely exploited in a limited number of attacks. Fortinet has finally published an official advisory about the critical vulnerability, tracked as CVE-2023-27997 (CVSS score: 9.2), impacting FortiOS and FortiProxy. through 6.2.13

Firewall 98

Firewall VPN Firmware Manufacturing 98

Heimadal Security

JUNE 7, 2023

CISA included CVE-2023-33009 and CVE-2023-33010 Zyxel Firewalls flaws in its Known Exploited Vulnerabilities (KEV) catalog. Zyxel released patches on May 24th, 2023, and […] The post Vulnerability Alert! Zyxel released patches on May 24th, 2023, and […] The post Vulnerability Alert!

Firewall 102

Firewall Cybersecurity 102

Security Affairs

NOVEMBER 13, 2024

In May 2023, Microsoft reported that the Volt Typhoon APT infiltrated critical infrastructure organizations in the U.S. Microsoft first noticed that to conceal malicious traffic, the threat actor routes it through compromised small office and home office (SOHO) network devices, including routers, firewalls, and VPN hardware.

VPN 126

VPN Government Malware Manufacturing 126

Security Affairs

MAY 25, 2023

Zyxel fixed two critical flaws in multiple firewall and VPN products that can lead to remote code execution or cause a DoS condition. Zyxel addressed two critical buffer overflow vulnerabilities, tracked as CVE-2023-33009 and CVE-2023-33010 , that affect several of its firewall and VPN products. Patch 1 ZLD V5.36

Firewall 98

Firewall VPN Authentication Hacking 98

The Hacker News

JUNE 5, 2023

Cybersecurity and Infrastructure Security Agency (CISA) on Monday placed two recently disclosed flaws in Zyxel firewalls to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.

Firewall 98

Firewall Cybersecurity 98

Security Affairs

AUGUST 28, 2023

Researchers published a PoC exploit code for Juniper SRX firewall flaws that can be chained to gain RCE in Juniper’s JunOS. watchTowr Labs security researchers published a proof-of-concept exploit (PoC) exploit code for vulnerabilities in Juniper SRX firewalls. In mid-August, Juniper addressed four medium-severity (CVSS 5.3)

Firewall 98

Firewall Authentication Hacking Information Security 98

Security Affairs

APRIL 28, 2023

A vulnerability impacting Zyxel firewalls, tracked as CVE-2023-28771, can be exploited to execute arbitary code on vulnerable devices. Researchers from TRAPA Security have discovered a critical remote code execution vulnerability, tracked as CVE-2023-28771 (CVSS score 9.8), impacting Zyxel Firewall. through 5.35. .

Firewall 98

Firewall Firmware VPN Authentication 98

Security Affairs

JUNE 1, 2023

Threat actors are actively exploiting a command injection flaw, tracked as CVE-2023-28771, in Zyxel firewalls to install malware. Threat actors are actively attempting to exploit a command injection vulnerability, tracked as CVE-2023-28771 , that impacts Zyxel firewalls. in its firewall devices. USG FLEX ZLD V4.60

Firewall 98

Firewall Firmware VPN DDOS 98

Heimadal Security

JULY 21, 2023

Multiple DDoS botnets have actively exploited a critical vulnerability discovered in Zyxel firewall models, as revealed by cybersecurity researchers. Tracked as CVE-2023-28771, this flaw explicitly impacts Linux platforms and enables remote attackers to gain unauthorized control over vulnerable systems, effectively launching DDoS attacks.

Firewall 96

Firewall DDOS Cybersecurity 96

The Hacker News

MAY 25, 2023

Zyxel has released software updates to address two critical security flaws affecting select firewall and VPN products that could be abused by remote attackers to achieve code execution. Both the flaws – CVE-2023-33009 and CVE-2023-33010 – are buffer overflow vulnerabilities and are rated 9.8

Firewall 98

Firewall VPN Software 98

eSecurity Planet

JANUARY 16, 2024

Keep an eye out for security announcements from your firewall vendors; it’s possible additional similar vulnerabilities will come to light. The problem: Juniper Networks released a bulletin about a remote code execution vulnerability in its SRX firewalls and EX switches. The vulnerability can be tracked as CVE-2023-29357.

Firewall 109

Firewall Firmware IoT Authentication 109

Security Affairs

APRIL 24, 2024

Nation-state actor UAT4356 has been exploiting two zero-days in ASA and FTD firewalls since November 2023 to breach government networks.

Firewall 135

Firewall Government VPN Authentication 135

The Hacker News

NOVEMBER 30, 2023

Zyxel has released patches to address 15 security issues impacting network-attached storage (NAS), firewall, and access point (AP) devices, including three critical flaws that could lead to authentication bypass and command injection.

Firewall 105

Firewall Authentication 105

Security Affairs

JUNE 12, 2023

Fortinet released security updates to fix a critical security flaw in its FortiGate firewalls that lead to remote code execution. Fortinet has released security patches to address a critical security vulnerability, tracked as CVE-2023-27997, in its FortiGate firewalls. Patch your #Fortigate. Details at a later time.

Firewall 98

Firewall VPN Authentication Media 98

The Hacker News

JUNE 11, 2023

Fortinet has released patches to address a critical security flaw in its FortiGate firewalls that could be abused by a threat actor to achieve remote code execution.

Firewall 99

Firewall VPN Authentication 99

IT Security Guru

JANUARY 22, 2025

As such, some tips and tricks that worked for websites in 2023 might be obsolete in 2025. If you are looking to improve your cybersecurity, consider these plugins to build a more robust defence: Wordfence: A comprehensive security solution with a firewall, malware scanner, and login security features like two-factor authentication.

Artificial Intelligence 116

Artificial Intelligence Backups Mobile Firewall 116

IT Security Guru

MARCH 14, 2025

Cybercrime is a growing problem, with 39% of UK businesses experiencing cyber attacks in 2023. It provides a firewall that blocks malicious traffic before it reaches your website. It offers a website firewall, which blocks attacks before they can do any harm. If your site ever gets hacked, Sucuri provides help to clean it up.

Cybersecurity 74

Cybersecurity Firewall Cyber Attacks Passwords 74

eSecurity Planet

DECEMBER 18, 2023

December 11, 2023 Sonar Finds Three Vulnerabilities in Open-Source Firewall pfSense Type of vulnerability: Cross-site scripting and command injection. NIST has cataloged the three vulnerabilities as CVE-2023-42325 , CVE-2023-42327 , and CVE-2023-42326. pfSense CE 2.7.0 and below and pfSense Plus 23.05.1

Backups 113

Backups Firewall Engineering Software 113

Security Affairs

JUNE 20, 2023

Zyxel released security updates to address a critical security flaw, tracked as CVE-2023-27992 (CVSS score: 9.8), affecting its network-attached storage (NAS) devices. Threat actors are actively attempting to exploit the command injection vulnerability CVE-2023-28771 impacting Zyxel firewalls. in its firewall devices.

Firmware 98

Firmware Firewall Authentication VPN 98

Security Affairs

DECEMBER 3, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds ProjectSend, North Grid Proself, and Zyxel firewalls bugs to its Known Exploited Vulnerabilities catalog. The vulnerability was published on November 26, the patch has been publicly available since May 16, 2023.

Firewall 116

Firewall Authentication Accountability Firmware 116

eSecurity Planet

AUGUST 29, 2023

Firewall-as-a-Service (FWaaS) offers firewall capabilities as a cloud-based service. Traditional firewalls protect the network perimeter, enforcing security standards by regulating incoming and outgoing traffic according to rules and traffic analysis.

Firewall 98

Firewall Architecture Data privacy Internet 98

Heimadal Security

FEBRUARY 10, 2023

Compared to network security systems that include appliances such as firewalls that monitor traffic as it flows through a scenario, threat hunting is a different approach to dealing with cyber-attacks.

Firewall 105

Firewall Cyber Attacks Network Security 105