Security Affairs

APRIL 24, 2024

Nation-state actor UAT4356 has been exploiting two zero-days in ASA and FTD firewalls since November 2023 to breach government networks. ” Pierluigi Paganini Follow me on Twitter: @securityaffairs and Facebook and Mastodon ( SecurityAffairs – hacking, ASA)

Firewall 115

Firewall Government VPN Authentication 115

Security Affairs

JANUARY 12, 2024

Juniper Networks fixed a critical pre-auth remote code execution (RCE) flaw, tracked as CVE-2024-21591, in its SRX Series firewalls and EX Series switches. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Juniper ) ” reads the advisory published by the vendor.

Firewall 118

Firewall Hacking Software Information Security 118

Security Affairs

DECEMBER 9, 2022

Claroty researchers devised a technique for bypassing the web application firewalls (WAF) of several vendors. Researchers at industrial and IoT cybersecurity firm Claroty devised an attack technique for bypassing the web application firewalls (WAF) of several industry-leading vendors. SecurityAffairs – hacking, WAF).

Firewall 137

Firewall Wireless IoT Hacking 137

Security Affairs

AUGUST 28, 2023

Researchers published a PoC exploit code for Juniper SRX firewall flaws that can be chained to gain RCE in Juniper’s JunOS. watchTowr Labs security researchers published a proof-of-concept exploit (PoC) exploit code for vulnerabilities in Juniper SRX firewalls. In mid-August, Juniper addressed four medium-severity (CVSS 5.3)

Firewall 95

Firewall Authentication Hacking Information Security 95

Security Affairs

DECEMBER 13, 2023

Sophos backports the patch for CVE-2022-3236 for end-of-life (EOL) firewall firmware versions due to ongoing attacks exploiting the issue. In December 2022, Sophos released security patches to address seven vulnerabilities in Sophos Firewall version 19.5 , including some arbitrary code execution bugs. reads the advisory. “A

Firmware 101

Firmware Firewall Internet Internet 101

Security Affairs

MAY 25, 2023

Zyxel fixed two critical flaws in multiple firewall and VPN products that can lead to remote code execution or cause a DoS condition. Zyxel addressed two critical buffer overflow vulnerabilities, tracked as CVE-2023-33009 and CVE-2023-33010 , that affect several of its firewall and VPN products. critical severity score of 9.8)

Firewall 98

Firewall VPN Authentication Hacking 98

Security Affairs

JUNE 17, 2022

China-linked threat actors exploited the zero-day flaw CVE-2022-1040 in Sophos Firewall weeks before it was fixed by the security vendor. On March 25, Sophos announced to have fixed the authentication bypass vulnerability, tracked as CVE-2022-1040, that resides in the User Portal and Webadmin areas of Sophos Firewall. MR3 (18.5.3)

Firewall 135

Firewall DNS Authentication Malware 135

Security Affairs

MAY 26, 2022

Zyxel addressed multiple vulnerabilities impacting many of its products, including APs, AP controllers, and firewalls. Zyxel has released security updates to address multiple vulnerabilities affecting multiple products, including firewall, AP, and AP controller products. SecurityAffairs – hacking, Zyxel). Pierluigi Paganini.

Firewall 130

Firewall VPN Authentication Cyber Attacks 130

CyberSecurity Insiders

FEBRUARY 23, 2022

A new malware developed by Sandworm hacking group has targeted appliances that are fire walled and reports are in that the military intelligence of the Russian Federation developed the malicious software. The post New Russia Malware targets firewall appliances appeared first on Cybersecurity Insiders.

Firewall 132

Firewall Malware IoT Software 132

Security Affairs

JUNE 1, 2023

Threat actors are actively exploiting a command injection flaw, tracked as CVE-2023-28771, in Zyxel firewalls to install malware. Threat actors are actively attempting to exploit a command injection vulnerability, tracked as CVE-2023-28771 , that impacts Zyxel firewalls. in its firewall devices.

Firewall 97

Firewall Firmware VPN DDOS 97

Security Affairs

DECEMBER 6, 2022

Sophos addressed several vulnerabilities affecting its Sophos Firewall version 19.5, Sophos has released security patches to address seven vulnerabilities in Sophos Firewall version 19.5 , including some arbitrary code execution bugs. SecurityAffairs – hacking, code execution flaws). including arbitrary code execution issues.

Firewall 99

Firewall Wireless VPN Hacking 99

Security Affairs

MARCH 27, 2022

Sophos has addressed a critical vulnerability, tracked as CVE-2022-1040, in its Sophos Firewall that allows remote code execution (RCE). Sophos has fixed an authentication bypass vulnerability, tracked as CVE-2022-1040, that resides in the User Portal and Webadmin areas of Sophos Firewall. and impacts Sophos Firewall versions 18.5

Firewall 94

Firewall Authentication VPN Hacking 94

Bleeping Computer

FEBRUARY 4, 2021

Leading French cybersecurity company StormShield disclosed that their systems were hacked, allowing a threat actor to access the companies' support ticket system and steal source code for Stormshield Network Security firewall software. [.].

Firewall 140

Firewall Data breaches Network Security Software 140

Security Affairs

JUNE 12, 2023

Fortinet released security updates to fix a critical security flaw in its FortiGate firewalls that lead to remote code execution. Fortinet has released security patches to address a critical security vulnerability, tracked as CVE-2023-27997, in its FortiGate firewalls. ” reads the advisory.

Firewall 92

Firewall VPN Authentication Media 92

Security Affairs

APRIL 28, 2023

A vulnerability impacting Zyxel firewalls, tracked as CVE-2023-28771, can be exploited to execute arbitary code on vulnerable devices. Researchers from TRAPA Security have discovered a critical remote code execution vulnerability, tracked as CVE-2023-28771 (CVSS score 9.8), impacting Zyxel Firewall. through 5.35. through 5.35.

Firewall 98

Firewall Firmware VPN Authentication 98

Security Affairs

SEPTEMBER 24, 2022

Sophos warns that a critical code injection security vulnerability in its Firewall product is actively exploited in the wild. Sophos warns of a critical code injection security vulnerability, tracked as CVE-2022-3236, affecting its Firewall product which is being exploited in the wild. and impacts Firewall versions 18.5

Firewall 88

Firewall VPN Authentication Hacking 88

Schneier on Security

JULY 3, 2020

French police hacked EncroChat secure phones, which are widely used by criminals: Encrochat's phones are essentially modified Android devices, with some models using the "BQ Aquaris X2," an Android handset released in 2018 by a Spanish electronics company, according to the leaked documents. Lots of details about the hack in the article.

Hacking 341

Hacking Telecommunications Encryption Firewall 341

Security Affairs

APRIL 26, 2020

Cybersecurity firm Sophos releases an emergency patch to address an SQL injection flaw in its XG Firewall product that has been exploited in the wild. Cybersecurity firm Sophos has released an emergency patch to address an SQL injection zero-day vulnerability affecting its XG Firewall product that has been exploited in the wild.

Firewall 145

Firewall Passwords Accountability Advertising 145

Security Affairs

MARCH 30, 2022

SonicWall released security updates to address a remote code execution vulnerability that affects multiple firewall appliances. “A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution in the firewall.”

Firewall 93

Firewall Hacking Information Security 93

Security Affairs

JANUARY 31, 2021

Experts from Great Firewall Report analyzed recent upgrades to China’s Great Firewall and revealed that it can be circumvented. Members of the Great Firewall Report group have analyzed the recent improvement implemented for China’s Great Firewall censorship system and revealed that it is possible to bypass it.

Firewall 139

Firewall Surveillance Internet Internet 139

CyberSecurity Insiders

MAY 14, 2023

So, how is information stored in the cloud secured from hacks? Cloud providers also employ security measures such as firewalls, intrusion detection systems, and antivirus software to prevent attacks. Firewalls are barriers that prevent unauthorized access to a network or system.

Hacking 128

Hacking Antivirus Firewall Encryption 128

Security Boulevard

JANUARY 2, 2023

Introduction Every firewall in the market is vulnerable to hacking, despite what certain security providers may assert. Threat actors can still defeat a firewall’s security measures by employing a number of strategies.As Threat actors can still defeat a firewall’s security measures by employing a number of strategies.As

Firewall 52

Firewall Marketing Hacking Cybersecurity 52

Security Affairs

JULY 3, 2023

Researchers reported that there are 490,000 Fortinet firewalls exposing SSL VPN interfaces on the internet, and roughly 69% of them are still vulnerable to CVE-2023-27997.

Firewall 92

Firewall VPN Firmware Internet 92

SecureWorld News

FEBRUARY 22, 2024

Recently leaked documents from Chinese cybersecurity firm i-SOON provide an unprecedented look at China's extensive state-sponsored hacking operations. Experts agree that China's state-sponsored hacking remains a serious national security threat that requires greater cooperation and investment to address.

Hacking 87

Hacking Government Firewall Cyber threats 87

Security Affairs

MAY 21, 2020

Hackers attempted to exploit a zero-day flaw in the Sophos XG firewall to distribute ransomware to Windows machines, but the attack was blocked. It was designed to download payloads intended to exfiltrate XG Firewall-resident data. Sophos was informed of the attacks exploiting the zero-day issue by one of its customers on April 22.

Firewall 141

Firewall Ransomware Passwords VPN 141

Security Affairs

APRIL 1, 2022

Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Sophos firewall flaw and seven other issues to its Known Exploited Vulnerabilities Catalog. The CVE-2022-1040 is an authentication bypass vulnerability that resides in the User Portal and Webadmin areas of Sophos Firewall. MR3 (18.5.3) and earlier.

Firewall 90

Firewall Authentication Hacking Cybersecurity 90

SecureWorld News

MARCH 12, 2024

When a website gets hacked, the aftermath can be expensive and long-lasting, and the recovery process is often extremely difficult. But what happens if a hack has already occurred? Next, let's discuss the steps to take to recover from a hack. So, instead of panicking, relax and focus on fixing your hacked WordPress site.

Hacking 90

Hacking Passwords Backups Firewall 90

Security Affairs

MARCH 29, 2022

Cybersecurity firm Sophos warned that the recently addressed CVE-2022-1040 flaw in Sophos Firewall is actively exploited in attacks. Sophos has recently fixed an authentication bypass vulnerability, tracked as CVE-2022-1040 , that resides in the User Portal and Webadmin areas of Sophos Firewall. and impacts Sophos Firewall versions 18.5

Firewall 74

Firewall Authentication Hacking Cybersecurity 74

Security Affairs

APRIL 1, 2022

Zyxel issued security updates for a critical vulnerability that affects some of its business firewall and VPN devices. Networking equipment vendor Zyxel has pushed security updates for a critical flaw, tracked as CVE-2022-0342 (CVSS 9.8), that affects some of its business firewall and VPN products. SecurityAffairs – hacking, Zyxel).

Firewall 96

Firewall VPN Firmware Authentication 96

Security Affairs

JANUARY 1, 2021

Impacted devices include Unified Security Gateway (USG), ATP, USG FLEX and VPN firewalls products. Affected product series Patch available in Firewalls ATP series running firmware ZLD V4.60 Someone could for example change firewall settings to allow or block certain traffic. SecurityAffairs – hacking, Zyxel).

Firewall 142

Firewall VPN Firmware Passwords 142

Security Affairs

JUNE 24, 2021

Networking equipment giant Zyxel warns customers of a series of attacks that have been targeting some of its enterprise firewall and VPN devices. Networking equipment vendor Zyxel warned its customers of a series of attacks that have been targeting some of its enterprise firewall and VPN server solutions. Pierluigi Paganini.

VPN 120

VPN Firewall Firmware Authentication 120

Security Affairs

MAY 13, 2022

Zyxel addressed a critical flaw affecting Zyxel firewall devices that allows unauthenticated, remote attackers to gain arbitrary code execution. affecting Zyxel firewall devices that enables unauthenticated and remote attackers to gain arbitrary code execution as the “nobody” user. SecurityAffairs – hacking, Zyxel).

Firewall 80

Firewall Firmware VPN Wireless 80

Security Affairs

FEBRUARY 5, 2021

Security vendor Fortinet has addressed four vulnerabilities in FortiWeb web application firewalls, including a Remote Code Execution flaw. Fortinet has addressed four vulnerabilities in FortiWeb web application firewalls that were reported by Positive Technologies expert Andrey Medov. . SecurityAffairs – hacking, Fortinet).

Firewall 126

Firewall System Administration Technology Hacking 126

Schneier on Security

SEPTEMBER 9, 2021

Here’s me in 2015 about this Juniper hack. We knew the basics of this story , but it’s good to have more detail. Here’s me in 2007 on the NSA backdoor.

Hacking 286

Hacking Firewall 286

Security Affairs

JULY 16, 2020

Cisco has released security updates to address critical remote code execution (RCE), authentication bypass, and static default credential vulnerabilities affecting multiple router and firewall devices. SecurityAffairs – hacking, Cisco). An attacker could exploit the vulnerabilities to completely takeover the network devices.

Firewall 100

Firewall Small Business Wireless Authentication 100

The Hacker News

FEBRUARY 24, 2022

disclosed details of a new botnet malware called Cyclops Blink that's been attributed to the Russian-backed Sandworm hacking group and deployed in attacks dating back to 2019. Intelligence agencies in the U.K. and the U.S.

Hacking 99

Hacking Firewall Malware 99

Security Affairs

JUNE 13, 2023

BleepingComputer reported that searching for Fortigate firewalls exposed online there are more than 250K installs worldwide , most of them in the US. The issue impacts at least: FortiOS-6K7K version 7.0.10 FortiOS-6K7K version 7.0.5 FortiOS-6K7K version 6.4.12 FortiOS-6K7K version 6.4.10 FortiOS-6K7K version 6.4.8 FortiOS-6K7K version 6.4.6

Firewall 92

Firewall VPN Firmware Manufacturing 92