Security Affairs

JULY 3, 2023

Researchers reported that there are 490,000 Fortinet firewalls exposing SSL VPN interfaces on the internet, and roughly 69% of them are still vulnerable to CVE-2023-27997. For this reason, if the customer has SSL-VPN enabled, Fortinet is advising customers to take immediate action to upgrade to the most recent firmware release.

Firewall 90

Firewall VPN Firmware Internet 90

Krebs on Security

JUNE 15, 2023

The directive applies to any networking devices — such as firewalls, routers and load balancers — that allow remote authentication or administration. The researchers found that just being able to reach the management interface for a vulnerable Fortinet SSL VPN appliance was enough to completely compromise the devices.

Risk 210

Risk VPN Internet Internet 210

Security Affairs

JULY 15, 2021

x firmware in an imminent ransomware campaign using stolen credentials.” “The exploitation targets a known vulnerability that has been patched in newer versions of firmware.” The network equipment vendor is now urging customers to update the firmware of their devices as soon as possible. “If 34 or 9.0.0.10

Firmware 109

Firmware Ransomware Passwords Mobile 109

Security Affairs

SEPTEMBER 7, 2022

flaw is classified as a format string vulnerability that resides in Zyxel NAS326 firmware versions prior to V5.21(AAZF.12)C0. Below is the list of affected models and the firmware patches released by the company. SecurityAffairs – hacking, Zyxel). The CVE-2022-34747 (CVSS score: 9.8) 11)C0 and earlier V5.21(AAZF.12)C0

Firewall 90

Firewall Firmware Authentication VPN 90

Security Affairs

JUNE 13, 2023

“A heap-based buffer overflow vulnerability [CWE-122] in FortiOS and FortiProxy SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests.” If the customer is not operating SSL-VPN the risk of this issue is mitigated – however, Fortinet still recommends upgrading.”

Firewall 91

Firewall VPN Firmware Manufacturing 91

Security Affairs

JUNE 23, 2021

A critical vulnerability, tracked as CVE-2021-20019 , in SonicWall VPN appliances was only partially patched last year and could allow a remote attacker to steal sensitive data. The flaw resides in the HTTP/HTTPS service used for product management as well as SSL VPN remote access. “An reads the analysis published by Tripwire.

VPN 88

VPN Firewall Firmware Authentication 88

Security Affairs

OCTOBER 22, 2022

The Daixin Team group gains initial access to victims through virtual private network (VPN) servers. In one successful attack, the attackers likely exploited an unpatched vulnerability in the organization’s VPN server. In another compromise, the group leveraged on compromised credentials to access a legacy VPN server.

Ransomware 73

Ransomware VPN Cybercrime Accountability 73

Security Affairs

MARCH 16, 2022

As Duo’s default configuration settings allow for the re-enrollment of a new device for dormant accounts, the actors were able to enroll a new device for this account, complete the authentication requirements, and obtain access to the victim network.” SecurityAffairs – hacking, Russia-linked threats actors). Pierluigi Paganini.

Accountability 96

Accountability Passwords Authentication Firmware 96

Security Affairs

SEPTEMBER 3, 2021

Install updates/patch operating systems, software, and firmware as soon as they are released. Use multifactor authentication with strong pass phrases where possible. Consider installing and using a VPN. SecurityAffairs – hacking, FBI). hard drive, storage device, the cloud). Disable hyperlinks in received emails.

Ransomware 103

Ransomware Passwords Backups Firmware 103

Security Affairs

MARCH 19, 2022

Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. Use multifactor authentication where possible. Consider installing and using a VPN. SecurityAffairs – hacking, AvosLocker ransomware). Do not give all users administrative privileges. ? Disable unused ports.

Ransomware 103

Ransomware DDOS Passwords Backups 103

Security Affairs

APRIL 25, 2022

Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. Use multifactor authentication where possible. Consider installing and using a virtual private network (VPN). SecurityAffairs – hacking, BlackCat ransomware). hard drive, storage device, the cloud).

Ransomware 111

Ransomware Antivirus Passwords Malware 111

Security Affairs

MARCH 23, 2021

“GE strongly recommends users with impacted firmware versions update their UR devices to UR firmware Version 8.10, or greater to resolve these vulnerabilities. It allows sensitive information exposure without authentication.” Also recognize VPN is only as secure as the connected devices. ” states CISA.

Firmware 86

Firmware VPN Firewall Risk 86

eSecurity Planet

MARCH 1, 2023

To prevent unwanted access and protect data in transit, wireless connections must be secured with strong authentication procedures, encryption protocols, access control rules, intrusion detection and prevention systems, and other security measures. As a result, wireless networks are prone to eavesdropping, illegal access and theft.

Wireless 98

Wireless Encryption Authentication IoT 98

Security Affairs

JUNE 27, 2022

Try using secure VPN networks when remote access is required, and perform adequate access control and auditing. recommending vendors who use CODESYS V2 Runtime to investigate themselves in time, and actively to fix and release the patched version of firmware. SecurityAffairs – hacking, Codesys ICS Automation Software).

Software 90

Software Manufacturing Firmware Risk 90

Security Affairs

MARCH 26, 2021

Install updates/patch operating systems, software, and firmware as soon as they are released. • Use multifactor authentication where possible. Consider installing and using a VPN. SecurityAffairs – hacking, Mamba ransomware). hard drive, storage device, the cloud). The FBI does not encourage paying ransoms.

Ransomware 144

Ransomware Encryption Passwords Malware 144

Security Affairs

MAY 13, 2021

Require multi-factor authentication for remote access to OT and IT networks. Update software , including operating systems, applications, and firmware on IT network assets, in a timely manner. After assessing risks, if RDP is deemed operationally necessary, restrict the originating sources and require multi-factor authentication.

Ransomware 115

Ransomware Healthcare Phishing Risk 115

Security Affairs

JULY 31, 2019

The list of flaws includes OS Command Injection, Unrestricted Upload of File with Dangerous Type, Cross-site Request Forgery, Small Space of Random Values, Cross-site Scripting, Exposure of Backup file to Unauthorized Control Sphere, Improper Authentication, and Use of Hard-coded Credentials. SecurityAffairs – Prima FlexAir, hacking).

Backups 59

Backups Authentication Advertising Firmware 59

Security Affairs

JANUARY 3, 2020

The other vulnerability is an information disclosure issue that could be exploited by an attacker to obtain a device’s VPN configuration file, potentially exposing sensitive information. SecurityAffairs – D-Link, hacking). Later, the vendor updated the advisory and included tens of D-Link DIR models in the list of vulnerable devices.

Advertising 67

Advertising Firmware VPN Authentication 67

Security Affairs

APRIL 2, 2021

Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. • Use multifactor authentication where possible. SecurityAffairs – hacking, Fortinet FortiOS). hard drive, storage device, the cloud). Implement the shortest acceptable timeframe for password changes. Pierluigi Paganini.

Passwords 69

Passwords Government Firmware Accountability 69

Security Affairs

OCTOBER 20, 2018

Meaning, authentication bypasses weren’t enough. CVE-2018-18472 – XXE and Unauthenticated Remote Command Execution in Axentra Hipserv NAS firmware. . It’s used in different devices from different vendors, the affected devices sharing the firmware are: Netgear Stora. Firmware Analysis. Summary of Our Findings.

Firmware 64

Firmware IoT VPN Authentication 64

Security Affairs

OCTOBER 13, 2020

Nobody told them that their coffee machine could be hacked into or that their camera could be used to launch a DDoS attack. If such processes lack proper authentication steps, they could work as gateways for bigger problems. It can be prevented through the use of an online VPN. SecurityAffairs – hacking, IoT).

IoT 133

IoT Cybersecurity Manufacturing Internet 133

SecureList

SEPTEMBER 21, 2023

We conducted an analysis of the IoT threat landscape for 2023, as well as the products and services offered on the dark web related to hacking connected devices. Another type of service sold on the dark web is IoT hacking. Cameras may be hacked for their CPU power only, to mine crypto, or to install DDoS utilities.

IoT 86

IoT DDOS Passwords Malware 86

Security Affairs

DECEMBER 27, 2021

The researchers performed reverse engineering of the firmware image for the COMpact 5500, version 7.8A However, it turns out that this information is not so secret after all, but can be retrieved without authentication from the path /about_state” reads the analysis published by the experts. “Firmware Update 8.2B

Firmware 99

Firmware Manufacturing Passwords Penetration Testing 99

Security Affairs

NOVEMBER 14, 2023

The vulnerability is an improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35. ” reported the SektorCERT.

Cyber Attacks 118

Cyber Attacks Firmware Firewall VPN 118

Security Affairs

JANUARY 14, 2024

The vulnerability is an improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35. reported the SektorCERT. “An

Firewall 108

Firewall Firmware Cyber Attacks VPN 108

eSecurity Planet

MARCH 4, 2024

February 27, 2024 Ransomware Gangs Target Unpatched ScreenConnect Servers Type of vulnerability: Authentication bypass and path traversal. February 28, 2024 Internet Exposed 3D-Printers Hacked to Broadcast Vulnerability Exposure Type of vulnerability: Missing valid credential check in printer service APIs.

IoT 117

IoT Internet Internet Ransomware 117

SecureList

NOVEMBER 14, 2022

Looking back at past leaks of private companies providing such services, such as in the case of Hacking Team, we learned that many states all over the world were buying these capabilities, whether to complement their in-house technologies or as a stand-alone solution they couldn’t develop.

Firmware 106

Firmware Surveillance Mobile Telecommunications 106