Accountability, Firewall, Security Defenses and VPN

VulnRecap 1/16/24 – Major Firewall Issues Persist

eSecurity Planet

JANUARY 16, 2024

Keep an eye out for security announcements from your firewall vendors; it’s possible additional similar vulnerabilities will come to light. The problem: Juniper Networks released a bulletin about a remote code execution vulnerability in its SRX firewalls and EX switches. This vulnerability is tracked as CVE-2024-21591.

Firewall

Firewall Firmware IoT Authentication

How To Set Up a Firewall in 8 Easy Steps + Best Practices

eSecurity Planet

APRIL 30, 2024

Setting up a firewall is the first step in securing your network. A successful firewall setup and deployment requires careful design, implementation, and maintenance to effectively improve your network integrity and data security. Verify that the chosen firewall can meet your security standards and functions.

Firewall

Firewall Architecture Firmware Risk

Vulnerability Recap 4/15/24 – Palo Alto, Microsoft, Ivanti Exploits

eSecurity Planet

APRIL 15, 2024

Threats range from severe weaknesses in Ivanti’s VPN appliances to zero-day exploits in popular software such as Palo Alto Networks’ PAN-OS and Telegram’s Windows client. Typically, these vulnerabilities result in remote code execution or denial-of-service attacks, posing major dangers to users’ data security.

Firewall

Firewall VPN Software Risk

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Weekly Vulnerability Recap – August 28, 2023 – Windows, Ivanti, Adobe Hit By Flaws

eSecurity Planet

AUGUST 28, 2023

An attacker creates a new admin user and logs into an OpenFire account. August 24, 2023 Akira ransomware targeting Cisco, but MFA helps Akira ransomware groups have been exploiting Cisco’s virtual private network ( VPN ) tools. This highlights the importance of enabling multi-factor authentication (MFA) in VPN implementations.”

VPN

VPN Authentication Mobile Firewall

Weekly Vulnerability Recap – August 28, 2023 – Windows, Ivanti, Adobe Hit By Flaws

eSecurity Planet

AUGUST 28, 2023

An attacker creates a new admin user and logs into an OpenFire account. August 24, 2023 Akira ransomware targeting Cisco, but MFA helps Akira ransomware groups have been exploiting Cisco’s virtual private network ( VPN ) tools. This highlights the importance of enabling multi-factor authentication (MFA) in VPN implementations.”

VPN

VPN Authentication Mobile Firewall

Weekly Vulnerability Recap – September 4, 2023 – Attackers Hit Network Devices and More

eSecurity Planet

SEPTEMBER 5, 2023

Unpatched devices can give attackers privileged access to networks, particularly those set up as VPN virtual servers, ICA proxies, RDP proxies, or AAA servers. This major security weakness can allow unauthenticated attackers to execute code on vulnerable devices through the Internet-exposed J-Web configuration interface.

VPN

VPN Authentication Ransomware Antivirus

VulnRecap 1/22/24 – Watch Chrome, Ivanti, Citrix Issues

eSecurity Planet

JANUARY 22, 2024

The authenticated user must also be logged into an account on an instance of GHES. To exploit CVE-2023-6549, an attacker must find an appliance that’s configured as a gateway, such as a VPN virtual server, or it must be configured as an AAA virtual server. GitHub has already rotated the credentials for these issues.

Authentication

Authentication Malware VPN Mobile

16 Remote Access Security Best Practices to Implement

eSecurity Planet

AUGUST 22, 2023

As the internet has enabled us to access work, data, and equipment from any location, remote access security has become increasingly crucial. Strong passwords, two-factor authentication, firewalls, encryption, and monitoring systems are just a few of the tools and procedures used to maintain security.

Passwords

Passwords Authentication Encryption VPN

Vulnerability Recap 3/19/24 – Microsoft, Fortinet & More

eSecurity Planet

MARCH 19, 2024

March 8, 2024 150,000 Fortinet Secure Web Gateways Remain Exposed Type of vulnerability: Arbitrary code execution (ACE). The problem: The FortiOS SSL VPN feature vulnerability, CVE-2024-21762, disclosed February 8th , remains exposed to attack on nearly 150,000 devices according to the ShadowServer Foundation website.

Authentication

Authentication VPN Software DDOS

What Is a Host-Based Firewall? Definition & When to Use

eSecurity Planet

FEBRUARY 6, 2024

A host-based firewall is installed directly on individual networked devices to filter network traffic on a single device by inspecting both incoming and outgoing data. Its goal is to establish a uniform security posture throughout the network and improve endpoint security by creating a protective barrier at the individual computer level.

Firewall

Firewall Mobile Network Security Software

What is a Managed Security Service Provider? MSSPs Explained

eSecurity Planet

AUGUST 22, 2023

History of MSSPs As internet service providers (ISPs) and telecommunications companies (telecoms) began offering commercial access to the internet in the late 1990s, they began to also offer firewall appliances and associated managed services. and then monitors the endpoint alerts to respond to detected threats.

Telecommunications

Telecommunications Firewall Penetration Testing Cybersecurity

34 Most Common Types of Network Security Protections

eSecurity Planet

MARCH 17, 2023

Penetration Testing Product Guides 9 Best Penetration Testing Tools 10 Top Open Source Penetration Testing Tools Next-Generation Firewall (NGFW) Next-generation firewalls (NGFWs) move beyond the traditional perimeter of a network to provide protections at the application layer of the TCP/IP stack.

Network Security

Network Security Penetration Testing Firewall Antivirus

What Is Encryption? Definition, How it Works, & Examples

eSecurity Planet

DECEMBER 7, 2023

The algorithm allows for variable key sizes and variable rounds to increase randomness and security. AES encryption can be commonly found in communication protocols, virtual private network (VPN) encryption, full-disk encryption, and Wi-Fi transmission protocols. It was updated by Chad Kime on December 7, 2023.

Encryption

Encryption Passwords IoT Firewall

FortiSASE SASE Solution Review

eSecurity Planet

SEPTEMBER 26, 2023

For more details, explore the following sections of this review: Who is Fortinet FortiSASE Pricing & Delivery Features Pros Cons Alternatives to FortiSASE How We Evaluated FortiSASE Bottom Line: Best for Fortinet Upgrades To compare FortiSASE against their competition, see our complete list of top secure access service edge (SASE) solutions.

Firewall

Firewall DNS Technology Antivirus

VulnRecap 3/4/24 – Ivanti, Ubiquiti, AppLocker Under Attack

eSecurity Planet

MARCH 4, 2024

The fix: To eliminate malware infections, perform a factory reset, upgrade to the latest firmware, change all default usernames and passwords, and adjust firewall rules to block exposure to unwanted remote management services. Email Address By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy.

IoT

IoT Internet Internet Ransomware

Cyber Security Informer

VulnRecap 1/16/24 – Major Firewall Issues Persist

How To Set Up a Firewall in 8 Easy Steps + Best Practices

Webinars

Trending Sources

Vulnerability Recap 4/15/24 – Palo Alto, Microsoft, Ivanti Exploits

Webinars

Weekly Vulnerability Recap – August 28, 2023 – Windows, Ivanti, Adobe Hit By Flaws

Weekly Vulnerability Recap – August 28, 2023 – Windows, Ivanti, Adobe Hit By Flaws

Weekly Vulnerability Recap – September 4, 2023 – Attackers Hit Network Devices and More

VulnRecap 1/22/24 – Watch Chrome, Ivanti, Citrix Issues

16 Remote Access Security Best Practices to Implement

Vulnerability Recap 3/19/24 – Microsoft, Fortinet & More

What Is a Host-Based Firewall? Definition & When to Use

What is a Managed Security Service Provider? MSSPs Explained

34 Most Common Types of Network Security Protections

What Is Encryption? Definition, How it Works, & Examples

FortiSASE SASE Solution Review

VulnRecap 3/4/24 – Ivanti, Ubiquiti, AppLocker Under Attack

Stay Connected