Security Affairs

JANUARY 14, 2025

Experts warn of a new campaign targeting an alleged zero-day in Fortinet FortiGate firewalls with management interfaces exposed online. Arctic Wolf researchers observed a campaign targeting Fortinet FortiGate firewalls with exposed management interfaces, likely exploiting a zero-day vulnerability. ” continues the advisory.

Firewall 85

Firewall VPN Accountability Firmware 85

Security Affairs

NOVEMBER 21, 2024

Threat actors already hacked thousands of Palo Alto Networks firewalls exploiting recently patched zero-day vulnerabilities. Thousands of Palo Alto Networks firewalls have reportedly been compromised in attacks exploiting recently patched zero-day vulnerabilities ( CVE-2024-0012 and CVE-2024-9474 ) in PAN-OS. This week, the U.S.

Firewall 114

Firewall Hacking VPN Authentication 114

Penetration Testing

JUNE 16, 2025

Zyxel firewalls are under a coordinated attack exploiting critical RCE flaw CVE-2023-28771 (CVSS 9.8) via UDP port 500, likely by Mirai botnets. Patch immediately

Firewall 76

Firewall Malware Cybersecurity 76

Penetration Testing

JUNE 22, 2025

The post NCSC Uncovers “UMBRELLA STAND” Malware: Stealthy Backdoor Targets Fortinet FortiGate Firewalls appeared first on Daily CyberSecurity.

Firewall 113

Firewall Malware Cybersecurity 113

Penetration Testing

JUNE 23, 2025

The post SHOE RACK Malware: NCSC Uncovers Stealthy Reverse SSH & DoH Post-Exploitation Tool Targeting FortiGate Firewalls appeared first on Daily CyberSecurity.

Firewall 85

Firewall Malware Cybersecurity DNS 85

Security Boulevard

JANUARY 3, 2025

Firewalls and VPN appliances are critical gateways. The post Best of 2024: If You are Reachable, You Are Breachable, and Firewalls & VPNs are the Front Door appeared first on Security Boulevard. Like all on-prem systems, a vulnerability can lead to a compromise that is used to open the door for attackers.

Firewall 117

Firewall VPN Security Awareness Cybersecurity 117

Security Affairs

MARCH 14, 2025

Operators behind the SuperBlack ransomware exploited two vulnerabilities in Fortinet firewalls for recent attacks. “When the firewall had VPN capabilities, the threat actor created local VPN user accounts with names resembling legitimate accounts but with an added digit at the end. 13.73.13.73, 8.8.8.8, ” reads the report.

Firewall 68

Firewall Ransomware VPN Encryption 68

Security Affairs

JANUARY 8, 2025

SonicWall warns customers to address an authentication bypass vulnerability in its firewall’s SonicOS that is “susceptible to actual exploitation.” All customers are encouraged to upgrade their firewalls to the latest MR listed below.” hardware firewalls: SonicOS 6.5.5.1-6n NSv firewalls: SonicOS 6.5.4.v-21s-RC2457

Firewall 117

Firewall Firmware VPN Authentication 117

Penetration Testing

NOVEMBER 15, 2024

Today, Palo Alto Networks, a leading cybersecurity firm, has issued an urgent update to a recent security advisory, raising the severity level to “Critical” after observing active exploitation of a... The post Palo Alto Networks Raises Alarm on Firewall Vulnerability Following Active Exploitation appeared first on Cybersecurity (..)

Firewall 70

Firewall Cybersecurity 70

Security Affairs

DECEMBER 20, 2024

Sophos fixed three Sophos Firewall flaws that could lead to SQL injection, privileged SSH access to devices, and remote code execution. Sophos has addressed three vulnerabilities, respectively tracked as CVE-2024-12727, CVE-2024-12728, and CVE-2024-12729, in its Sophos Firewall solution. GA (21.0.0) GA (21.0.0) of devices.

Firewall 64

Firewall Authentication Passwords Accountability 64

The Hacker News

MAY 23, 2025

SafeLine is currently the most starred open-source Web Application Firewall (WAF) on GitHub, with over 16.4K From zero-day exploits to large-scale bot attacks the demand for a powerful, self-hosted, and user-friendly web application security solution has never been greater. stars and a rapidly growing global user base.

Firewall 92

Firewall 92

Security Affairs

DECEMBER 27, 2024

An unauthenticated attacker can exploit this vulnerability to reboot the firewall by sending a malicious packet through its data plane. Repeated exploitation forces the firewall into maintenance mode. Repeated attempts to trigger this condition will cause the firewall to enter maintenance mode.” ” reads the advisory.

DNS 115

DNS Firewall Spyware Software 115

Security Affairs

NOVEMBER 16, 2024

Palo Alto Networks confirmed active exploitation of a zero-day in its PAN-OS firewall and released new indicators of compromise (IoCs). Last week, Palo Alto Networks warned customers to limit access to their next-gen firewall management interface due to a potential remote code execution vulnerability (CVSSv4.0 Base Score: 9.3)

Firewall 129

Firewall Internet Internet VPN 129

Security Affairs

NOVEMBER 8, 2024

Palo Alto Networks warns customers to restrict access to their next-generation firewalls because of a potential RCE flaw in the PAN-OS management interface. Palo Alto Networks warns customers to limit access to their next-gen firewall management interface due to a potential remote code execution vulnerability in PAN-OS.

Firewall 119

Firewall Authentication Internet Internet 119

Penetration Testing

MAY 19, 2025

Security researcher Navy Titanium have released a technical deep-dive uncovering three severe vulnerabilities affecting pfSense, the popular open-source The post Can Your Firewall Be Hacked? Severe Flaws Found in pfSense appeared first on Daily CyberSecurity.

Firewall 73

Firewall Hacking Cybersecurity Risk 73

Schneier on Security

JUNE 30, 2025

Firewall of trust Does this mean we should scrap electronic voting machines? That’s why public education surrounding elections is now as vital to election security as firewalls and encrypted networks. And in that belief lies the true firewall of democracy. The cyber domain isn’t just about networks and code.

Cybersecurity 212

Cybersecurity Firewall Digital transformation Technology 212

Security Affairs

JANUARY 15, 2025

. “The build date coded in the last number block also points to the same date range: None of the firewall firmwares examined had been compiled after September 14, 2022.” “As many as 80 different device types can be found in the data leak, with the FortiGate Firewall 40F and 60F being the most widespread.

VPN 133

VPN Passwords Firewall Firmware 133

Schneier on Security

MAY 16, 2025

The rogue components provide additional, undocumented communication channels that could allow firewalls to be circumvented remotely, with potentially catastrophic consequences, the two people said. Reuters was unable to determine how many solar power inverters and batteries they have looked at.

Firewall 244

Firewall Risk 244

Security Boulevard

APRIL 22, 2025

The post Beyond Firewalls: Why Phishing Demands a People-First, Trust-Centric Response appeared first on Security Boulevard. Phishing attacks are not only more frequent but also more sophisticated, leveraging AI to craft highly convincing messages that bypass traditional security measures.

Firewall 94

Firewall Phishing Social Engineering Security Awareness 94

Security Affairs

FEBRUARY 19, 2025

Palo Alto Networks warns that the vulnerability CVE-2025-0111 is actively exploited with two other flaws to compromise PAN-OS firewalls. Palo Alto Networks warns that threat actors are chaining the vulnerability CVE-2025-0111 with two other vulnerabilities, tracked as CVE-2025-0108 with CVE-2024-9474 , to compromise PAN-OS firewalls.

Firewall 108

Firewall Authentication Architecture Internet 108

The Last Watchdog

OCTOBER 23, 2024

INE Security advises businesses to secure their network by using firewalls, encrypting data, and regularly updating security software. Tip 3: Securing and Monitoring the Network Small businesses often overlook network security, leaving them vulnerable to attacks. million.

Small Business 162

Small Business Data breaches Backups Passwords 162

Penetration Testing

JANUARY 26, 2025

Eclypsium researchers have uncovered multiple critical vulnerabilities in several Palo Alto Networks (PAN) next-generation firewalls (NGFWs). This report The post Palo Alto Networks Firewalls Exposed: BootHole and Other Critical Flaws Uncovered appeared first on Cybersecurity News.

Firewall 62

Firewall Cybersecurity 62

SecureWorld News

DECEMBER 8, 2024

For example, Palo Alto Networks has integrated PQC into its VPNs and next-generation firewalls to protect data in transit against quantum threats. Ensure quantum-ready hardware: Require that new infrastructure device purchases, such as routers and firewalls, have quantum-resistant or upgradable firmware.

Encryption 120

Encryption Firewall Firmware Education 120

Security Affairs

APRIL 19, 2025

. “It is important to note that even fully patched firewall devices may still become compromised if accounts use poor password hygiene.” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Remote Code Execution)

Firewall 109

Firewall Passwords VPN Accountability 109

Security Affairs

OCTOBER 29, 2024

“An improper access control vulnerability has been identified in the SonicWall SonicOS management access and SSLVPN, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash.” ” Prior to August 2024, Fog and Akira ransomware attacks targeted a variety of firewall brands.

VPN 132

VPN Ransomware Firewall Internet 132

Penetration Testing

NOVEMBER 4, 2024

This backdoor malware, discovered on Sophos XG... The post Pygmy Goat Malware: A Sophisticated Network Device Backdoor Targets Firewalls appeared first on Cybersecurity News. In a recent report by the National Cyber Security Centre (NCSC), analysts detailed a new malware threat targeting network devices, dubbed “Pygmy Goat.”

Firewall 73

Firewall Malware Cybersecurity 73

Security Affairs

NOVEMBER 7, 2024

Palo Alto Networks Expedition is a tool designed to help users transition to and optimize Palo Alto Networks’ next-generation firewalls. It assists with the migration of configurations from other firewall vendors and legacy Palo Alto Networks devices to newer models.

Firewall 128

Firewall Authentication Accountability Risk 128

Security Affairs

NOVEMBER 2, 2024

Sophos used custom implants to monitor China-linked thret actors targeting firewall zero-days in a years-long battle. Improved operational security, including disrupting firewall telemetry to hinder detection and minimize their digital footprint.

Firmware 124

Firmware Government Firewall Malware 124

The Hacker News

JULY 2, 2025

Where do you turn when firewalls and endpoint detection and response (EDR) fall short at detecting the most important threats to your organization? With nearly 80% of cyber threats now mimicking legitimate user behavior, how are top SOCs determining what’s legitimate traffic and what is potentially dangerous?

Firewall 114

Firewall Cyber threats VPN 114

Security Affairs

DECEMBER 19, 2024

To mitigate the exposure to these threats, users are recommended to change default credentials, use strong passwords, review access logs, employ firewalls and IDS/IPS, and keep firmware up-to-date. Use Firewalls and IDS/IPS : Employ firewalls to block unauthorized access and intrusion detection systems to monitor network behavior.

DDOS 68

DDOS Firmware Firewall Passwords 68

IT Security Guru

MARCH 14, 2025

It provides a firewall that blocks malicious traffic before it reaches your website. It offers a website firewall, which blocks attacks before they can do any harm. All In One WP Security & Firewall This plugin is great for beginners who want an easy way to secure their website.

Cybersecurity 74

Cybersecurity Firewall Cyber Attacks Passwords 74

Security Affairs

FEBRUARY 18, 2025

The two vulnerabilities are: CVE-2025-0108 Palo Alto PAN-OS Authentication Bypass Vulnerability CVE-2024-53704 SonicWall SonicOS SSLVPN Improper Authentication Vulnerability Researchers recently warned that threat actors exploit a recently disclosed vulnerability, CVE-2025-0108, in Palo Alto Networks PAN-OS firewalls. states GreyNoise.

Firewall 66

Firewall Firmware Authentication VPN 66

Security Affairs

NOVEMBER 15, 2024

The vulnerabilities reside in the Palo Alto Networks’ Expedition solution, which is a migration tool designed to help organizations move configurations from other firewall platforms (like Check Point, Cisco, and others) to Palo Alto’s PAN-OS. reads the advisory.

Firewall 111

Firewall Passwords Authentication Phishing 111

Security Affairs

MARCH 18, 2025

Threat actors exploit the flaws to create rogue admin or local users, modify firewall policies, and access SSL VPNs to gain access to internal networks. The vulnerability is an authentication bypass issue that could allow a remote attacker to gain super-admin privileges by making maliciously crafted CSF proxy requests. through 7.0.16

Authentication 118

Authentication Ransomware Firewall Hacking 118

IT Security Guru

JANUARY 22, 2025

If you are looking to improve your cybersecurity, consider these plugins to build a more robust defence: Wordfence: A comprehensive security solution with a firewall, malware scanner, and login security features like two-factor authentication.

Backups 116

Backups Firewall Artificial Intelligence Mobile 116

SecureWorld News

JANUARY 22, 2025

Limitations of traditional security measures While organizations typically rely on email filters, firewalls, and antivirus software, these solutions often fall short against AI-powered phishing attacks. This dynamic nature allows attackers to bypass traditional defenses and increase their success rates significantly.

Phishing 115

Phishing Threat Detection Social Engineering DNS 115

eSecurity Planet

NOVEMBER 6, 2024

Deploy a Firewall Install a reliable firewall to monitor incoming traffic, flag suspicious requests, and prevent session hijacking attempts. Utilize SSL/TLS Secure your website with SSL/TLS certificates to encrypt data between users and servers, making it difficult for attackers to intercept and steal session cookies.

Identity Theft 109

Identity Theft Passwords Phishing Accountability 109