Penetration Testing

MARCH 12, 2024

Security researcher ‘stealthcopter‘ has exposed a severe security hole in the widely used WordPress Anti-Malware Security and Brute-Force Firewall plugin (GOTMLS). This vulnerability, labeled CVE-2024-22144 with a “Critical” CVSS score of 9.0,

Penetration Testing 103

Penetration Testing Firewall Malware 103

Security Affairs

FEBRUARY 27, 2024

Taiwanese vendor Zyxel warns of security vulnerabilities in its firewalls and access points, including a remote code execution flaw. Taiwanese networking vendor Zyxel addressed four vulnerabilities, respectively tracked as CVE-2023-6397 , CVE-2023-6398 , CVE-2023-6399 , and CVE-2023-6764 , in its firewalls and access points.

Firewall 112

Firewall VPN Authentication Hacking 112

Penetration Testing

JANUARY 31, 2024

Developed by Trustwave’s SpiderLabs, this open-source web application firewall (WAF) engine supports Apache, IIS, and Nginx. It’s... The post CVE-2024-1019: Exposing ModSecurity’s Critical WAF Bypass Flaw appeared first on Penetration Testing.

Penetration Testing 110

Penetration Testing Firewall Cyber threats Engineering 110

Security Boulevard

APRIL 17, 2024

Overview Recently, NSFOCUS CERT detected that Palo Alto Networks issued a security announcement and fixed the command injection vulnerability (CVE-2024-3400) in PAN-OS. The CVSS score […] The post Palo Alto Networks PAN-OS Command Injection Vulnerability (CVE-2024-3400) appeared first on NSFOCUS, Inc.,

Firewall 64

Firewall Cyber Attacks 64

Security Affairs

APRIL 24, 2024

Nation-state actor UAT4356 has been exploiting two zero-days in ASA and FTD firewalls since November 2023 to breach government networks. Early in 2024, a customer contacted Cisco to report a suspicious related to its Cisco Adaptive Security Appliances (ASA). Cisco Talos researchers tracked this cyber-espionage campaign as ArcaneDoor.

Firewall 105

Firewall Government VPN Authentication 105

Security Affairs

JANUARY 12, 2024

Juniper Networks fixed a critical pre-auth remote code execution (RCE) flaw, tracked as CVE-2024-21591, in its SRX Series firewalls and EX Series switches. ” reads the advisory published by the vendor. “This issue is caused by use of an insecure function allowing an attacker to overwrite arbitrary memory.”

Firewall 109

Firewall Hacking Software Information Security 109

eSecurity Planet

JANUARY 16, 2024

Keep an eye out for security announcements from your firewall vendors; it’s possible additional similar vulnerabilities will come to light. January 10, 2024 Thousands of WordPress Sites Vulnerable to Malware Injection Type of vulnerability: Cross-site scripting flaw in Popup Builder that allows a malware injection.

Firewall 97

Firewall Firmware IoT Authentication 97

The Hacker News

JANUARY 13, 2024

Juniper Networks has released updates to fix a critical remote code execution (RCE) vulnerability in its SRX Series firewalls and EX Series switches. The issue, tracked as CVE-2024-21591, is rated 9.8 on the CVSS scoring system. “An

Firewall 97

Firewall 97

Security Boulevard

APRIL 25, 2024

On April 12 (and then updated again on April 20), Palo Alto Networks released an advisory about a vulnerability in the PAN-OS® software that runs Palo Alto Networks® Next-Generation Firewalls (NGFWs). The post NodeZero: Testing for Exploitability of Palo Alto Networks CVE-2024-3400 appeared first on Horizon3.ai.

Firewall 69

Firewall Software 69

Security Boulevard

APRIL 13, 2024

On Friday April 12, Palo Alto disclosed that some versions of PAN-OS are not only vulnerable to remote code execution, but that the vulnerability has been actively exploited to install backdoors on Palo Alto firewalls. A patch is expected to be available on April 14th. The advisory from Palo Alto is here. The CISA advisory [.]

Firewall 75

Firewall 75

Security Affairs

APRIL 28, 2024

Another severe issue is related to the presence of Hardcoded Docker Keys tracked as CVE-2024-29963 (CVSS score of 8.6). The patches were released in April 2024, 19 months after Brocade firstly rejected the vulnerabilities and 11 months after Brocade acknowledged the vulnerabilities. Brocade SANnav OVA before v2.3.1,

Firewall 108

Firewall Authentication Architecture Backups 108

Hack the Box

APRIL 12, 2024

Use our Nmap cheatsheet for essential commands including host discovery, network and port scanning, and firewall evasion.

Firewall 86

Firewall 86

Thales Cloud Protection & Licensing

MARCH 6, 2024

API Security in 2024: Imperva Report Uncovers Rising Threats and the Urgent Need for Action madhav Thu, 03/07/2024 - 04:56 APIs (Application Programming Interfaces) are the backbone of modern digital innovation. They drive seamless connectivity, enable rapid development, and power countless business-critical applications.

Risk 87

Risk Financial Services Authentication DDOS 87

eSecurity Planet

APRIL 15, 2024

You can strengthen your cybersecurity defenses by using reliable antivirus software, firewalls, intrusion detection systems, and virtual private networks (VPNs). April 8, 2024 Multiple Vulnerabilities Discovered in LG WebOS Smart TVs Type of vulnerability: Authorization bypass, privilege escalation, command injection.

Firewall 99

Firewall VPN Software Risk 99

The Hacker News

MARCH 18, 2024

WordPress users of miniOrange's Malware Scanner and Web Application Firewall plugins are being urged to delete them from their websites following the discovery of a critical security flaw. The flaw, tracked as CVE-2024-2172, is rated 9.8 out of a maximum of 10 on the CVSS scoring system.

Firewall 119

Firewall Malware 119

Security Affairs

MARCH 18, 2024

A critical vulnerability in WordPress miniOrange’s Malware Scanner and Web Application Firewall plugins can allow site takeover. On March 1st, 2024, WordPress security firm Wordfence received a submission for a Privilege Escalation vulnerability in miniOrange’s Malware Scanner as part of the company Bug Bounty initiative Extravaganza.

Firewall 96

Firewall Malware Passwords Hacking 96

Security Boulevard

MARCH 6, 2024

API Security in 2024: Imperva Report Uncovers Rising Threats and the Urgent Need for Action madhav Thu, 03/07/2024 - 04:56 APIs (Application Programming Interfaces) are the backbone of modern digital innovation. They drive seamless connectivity, enable rapid development, and power countless business-critical applications.

Risk 64

Risk Financial Services Authentication DDOS 64

Security Affairs

APRIL 25, 2024

Early in 2024, a customer contacted Cisco to report a suspicious related to its Cisco Adaptive Security Appliances (ASA). On April 19, 2024, CrushFTP advised of a virtual file system escape present in their FTP software that could allows users to download system files. Simon Garrelou from the Airbus CERT discovered the vulnerability.

VPN 109

VPN Software Firewall Authentication 109

Security Affairs

APRIL 28, 2024

From March 18, 2024, to April 16, 2024, Duo Security and Cisco Talos observed large-scale brute-force attacks against a variety of targets, including VPN services, web application authentication interfaces and SSH services. .” reads the advisory published by Okta.

VPN 110

VPN Accountability Firewall Data breaches 110

eSecurity Planet

APRIL 29, 2024

April 22, 2024 CISA Adds 2022 Windows Print Spooler Vulnerability to KEV Catalog Type of vulnerability: Elevation of privilege. Federal agencies have until May 14, 2024, to apply patches or disable vulnerable software. Consider reading more about forensic tools and processes to investigate attacks. The problem: The CVSS 10.0/10.0

Firewall 93

Firewall Software Ransomware Penetration Testing 93

Security Affairs

APRIL 16, 2024

Cisco Talos researchers warn of large-scale credential brute-force attacks targeting multiple targets, including Virtual Private Network (VPN) services, web application authentication interfaces and SSH services since at least March 18, 2024.

VPN 122

VPN Firewall Authentication Hacking 122

BH Consulting

JANUARY 28, 2024

Trust but verify ‘Trust but verify’ is a term in cybersecurity coined to describe traditional security approaches that emphasize protecting internal systems from outside threats using tools such as firewalls and passwords. The post Data Protection Day 2024: In Privacy We Trust appeared first on BH Consulting.

Authentication 69

Authentication Firewall Data breaches Risk 69

Malwarebytes

FEBRUARY 23, 2024

CVE-2024-21722 : The multi-factor authentication (MFA) management features did not properly terminate existing user sessions when a user’s MFA methods have been modified. CVE-2024-21723 : Inadequate parsing of URLs could result into an open redirect. Use a Web Application Firewall (WAF).

Authentication 103

Authentication Firewall Risk Media 103

Security Affairs

JANUARY 13, 2024

Akira ransomware targets Finnish organizations GitLab fixed a critical zero-click account hijacking flaw Juniper Networks fixed a critical RCE bug in its firewalls and switches Vast Voter Data Leaks Cast Shadow Over Indonesia ’s 2024 Presidential Election Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467 Team Liquid’s wiki leak exposes (..)

VPN 107

VPN Cybercrime Ransomware Hacking 107

Security Affairs

JANUARY 21, 2024

Patch it now! million cryptojacking scheme arrested in Ukraine Cybercrime Cryptojacker arrested in Ukraine over EUR 1.8 million cryptojacking scheme arrested in Ukraine Cybercrime Cryptojacker arrested in Ukraine over EUR 1.8

Artificial Intelligence 97

Artificial Intelligence VPN Hacking Firewall 97

eSecurity Planet

MARCH 19, 2024

March 8, 2024 150,000 Fortinet Secure Web Gateways Remain Exposed Type of vulnerability: Arbitrary code execution (ACE). The problem: The FortiOS SSL VPN feature vulnerability, CVE-2024-21762, disclosed February 8th , remains exposed to attack on nearly 150,000 devices according to the ShadowServer Foundation website.

Authentication 102

Authentication VPN Software DDOS 102

Centraleyes

APRIL 18, 2024

Cisco has sounded the alarm on a widespread increase in brute-force attacks targeting various devices, including Virtual Private Network (VPN) services, web application authentication interfaces, and SSH services, since March 18, 2024. The attacks appear to originate from TOR exit nodes and other anonymizing tunnels and proxies.

VPN 52

VPN Firewall Authentication Passwords 52

Security Affairs

APRIL 14, 2024

Crooks manipulate GitHub’s search results to distribute malware BatBadBut flaw allowed an attacker to perform command injection on Windows Roku disclosed a new security breach impacting 576,000 accounts LastPass employee targeted via an audio deepfake call TA547 targets German organizations with Rhadamanthys malware CISA adds D-Link multiple (..)

Data breaches 104

Data breaches Social Engineering Malware Hacking 104

eSecurity Planet

FEBRUARY 12, 2024

February 5, 2024 JetBrains TeamCity Saga Continues with Another Server Vulnerability Type of vulnerability: Authentication bypass by an unauthenticated attacker. The vulnerability is tracked as CVE-2024-23917. The vulnerability is tracked as CVE-2024-21762 and has a critical severity rating. through 2023.11.2.

VPN 104

VPN Authentication Software Firewall 104

Cisco Security

MARCH 18, 2024

Join the guided tour outside the Security Operations Center, where we’ll discuss real time network traffic of the RSA Conference, as seen in the NetWitness platform.

Engineering 97

Engineering Firewall 97

Security Affairs

FEBRUARY 15, 2024

“A January 2024 court-authorized operation has neutralized a network of hundreds of small office/home office (SOHO) routers that GRU Military Unit 26165 , also known as APT28, Sofacy Group , Forest Blizzard , Pawn Storm , Fancy Bear , and Sednit , used to conceal and otherwise enable a variety of crimes.”

Firewall 101

Firewall Government Malware Hacking 101

Security Affairs

MARCH 2, 2024

US CISA, the FBI, and MS-ISAC issued a joint CSA to warn of attacks involving Phobos ransomware variants observed as recently as February 2024 US CISA, the FBI, and MS-ISAC issued a joint cyber security advisory (CSA) to warn of attacks involving Phobos ransomware variants such as Backmydata , Devos, Eight, Elking, and Faust.

Ransomware 123

Ransomware Backups Healthcare Firewall 123

Penetration Testing

APRIL 24, 2024

A sophisticated and ongoing cyberattack dubbed “ArcaneDoor” has breached Cisco firewalls across the globe.

Penetration Testing 107

Penetration Testing Firewall 107

Security Affairs

MARCH 4, 2024

3/n)) pic.twitter.com/hAKRJR1KFp — HaxRob (@haxrob) February 28, 2024 Both binaries targeted a very old Red Hat Linux version. An intriguing aspect of GTPDOOR is its minimal impact on ingress firewall configurations. Someone hasn't been keeping their systems up to date. (3/n))

Telecommunications 129

Telecommunications Firewall Mobile Malware 129

SecureList

MAY 7, 2024

Additionally, we take a close look at several noteworthy vulnerabilities discovered in Q1 2024. The number of newly registered CVEs, 2019 — 2024. The decline in 2024 is due to data being available for Q1 only ( download ) As the chart illustrates, the number of new vulnerabilities has been steadily increasing year over year.

Software 79

Software Internet Internet Social Engineering 79

Security Affairs

JANUARY 23, 2024

As of January 18, 2024 VMware is aware of exploitation “in the wild.”” reads the advisory. VIBs are collections of files that are designed to manage virtual systems, they can be used to create startup tasks, custom firewall rules, or deploy custom binaries upon the restart of an ESXi machine.

Firewall 114

Firewall Malware Hacking Cybersecurity 114

Security Affairs

FEBRUARY 13, 2024

“During the night of February 11 to 12, 2024, a massive cyber ransomware attack took place on the production servers on which the HIS IT system runs. Hipocrate Information System (HIS) is a software suite designed to manage the medical and administrative activities of hospitals and other healthcare institutions.

Ransomware 112

Ransomware Backups Encryption Healthcare 112