Security Affairs

DECEMBER 27, 2024

An unauthenticated attacker can exploit this vulnerability to reboot the firewall by sending a malicious packet through its data plane. Repeated exploitation forces the firewall into maintenance mode. Repeated attempts to trigger this condition will cause the firewall to enter maintenance mode.” ” reads the advisory.

DNS 113

DNS Firewall Spyware Software 113

Security Affairs

JANUARY 15, 2024

Researchers from Bishop Fox found over 178,000 SonicWall next-generation firewalls (NGFW) publicly exploitable. Researchers from Bishop Fox used BinaryEdge source data to find SonicWall firewalls with management interfaces exposed to the internet.

Firewall 143

Firewall Hacking Firmware Internet 143

Security Affairs

NOVEMBER 16, 2024

Palo Alto Networks confirmed active exploitation of a zero-day in its PAN-OS firewall and released new indicators of compromise (IoCs). Last week, Palo Alto Networks warned customers to limit access to their next-gen firewall management interface due to a potential remote code execution vulnerability (CVSSv4.0 Base Score: 9.3)

Firewall 127

Firewall Internet Internet VPN 127

Security Affairs

MARCH 14, 2025

Operators behind the SuperBlack ransomware exploited two vulnerabilities in Fortinet firewalls for recent attacks. “When the firewall had VPN capabilities, the threat actor created local VPN user accounts with names resembling legitimate accounts but with an added digit at the end. 13.73.13.73, 8.8.8.8, ” reads the report.

Firewall 66

Firewall Ransomware VPN Encryption 66

Security Affairs

NOVEMBER 8, 2024

Palo Alto Networks warns customers to restrict access to their next-generation firewalls because of a potential RCE flaw in the PAN-OS management interface. Palo Alto Networks warns customers to limit access to their next-gen firewall management interface due to a potential remote code execution vulnerability in PAN-OS.

Firewall 116

Firewall Authentication Internet Internet 116

Security Affairs

OCTOBER 29, 2024

“An improper access control vulnerability has been identified in the SonicWall SonicOS management access and SSLVPN, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash.” ” Prior to August 2024, Fog and Akira ransomware attacks targeted a variety of firewall brands.

VPN 129

VPN Ransomware Firewall Internet 129

Security Affairs

MAY 18, 2025

“While inverters are built to allow remote access for updates and maintenance, the utility companies that use them typically install firewalls to prevent direct communication back to China.” experts who strip down equipment hooked up to grids to check for security issues, the two people said.”

Energy and Utilities 145

Energy and Utilities Manufacturing Government Hacking 145

Security Affairs

OCTOBER 24, 2024

Cisco addressed multiple vulnerabilities in Adaptive Security Appliance (ASA), Secure Firewall Management Center (FMC), and Firepower Threat Defense (FTD) products, including an actively exploited flaw tracked as CVE-2024-20481. The vulnerability CVE-2024-20481 (CVSS score of 5.8)

VPN 123

VPN Firewall Passwords Software 123

Security Affairs

FEBRUARY 19, 2025

Palo Alto Networks warns that the vulnerability CVE-2025-0111 is actively exploited with two other flaws to compromise PAN-OS firewalls. Palo Alto Networks warns that threat actors are chaining the vulnerability CVE-2025-0111 with two other vulnerabilities, tracked as CVE-2025-0108 with CVE-2024-9474 , to compromise PAN-OS firewalls.

Firewall 106

Firewall Authentication Architecture Internet 106

Security Affairs

APRIL 11, 2024

Palo Alto Networks fixed several vulnerabilities in its PAN-OS operating system, including 3 issues that can trigger a DoS condition on its firewalls. Palo Alto Networks released security updates to address several high-severity vulnerabilities in its PAN-OS operating system. ” reads the advisory. .’

Firewall 138

Firewall Software Engineering Authentication 138

Security Affairs

JUNE 17, 2022

China-linked threat actors exploited the zero-day flaw CVE-2022-1040 in Sophos Firewall weeks before it was fixed by the security vendor. On March 25, Sophos announced to have fixed the authentication bypass vulnerability, tracked as CVE-2022-1040, that resides in the User Portal and Webadmin areas of Sophos Firewall.

Firewall 144

Firewall DNS Authentication Malware 144

Security Affairs

JANUARY 31, 2021

Experts from Great Firewall Report analyzed recent upgrades to China’s Great Firewall and revealed that it can be circumvented. Members of the Great Firewall Report group have analyzed the recent improvement implemented for China’s Great Firewall censorship system and revealed that it is possible to bypass it.

Firewall 144

Firewall Surveillance Internet Internet 144

Security Affairs

DECEMBER 15, 2023

Security flaws in Netgate pfSense firewall solution can potentially lead to arbitrary code execution on vulnerable devices. pfSense is a popular open-source firewall solution maintained by Netgate, researchers discovered multiple security issues affecting it. ” reads the analysis published by SonarSource.

Firewall 140

Firewall Phishing Authentication Hacking 140

Security Affairs

DECEMBER 9, 2022

Claroty researchers devised a technique for bypassing the web application firewalls (WAF) of several vendors. Researchers at industrial and IoT cybersecurity firm Claroty devised an attack technique for bypassing the web application firewalls (WAF) of several industry-leading vendors. SecurityAffairs – hacking, WAF).

Firewall 143

Firewall Wireless IoT Hacking 143

Security Affairs

MAY 26, 2022

Zyxel addressed multiple vulnerabilities impacting many of its products, including APs, AP controllers, and firewalls. Zyxel has released security updates to address multiple vulnerabilities affecting multiple products, including firewall, AP, and AP controller products. SecurityAffairs – hacking, Zyxel).

Firewall 141

Firewall VPN Authentication Cyber Attacks 141

Security Affairs

AUGUST 26, 2024

SonicWall addressed a critical flaw in its firewalls that could allow attackers to achieve unauthorized access to the devices. SonicWall has released security updates to address a critical vulnerability, tracked as CVE-2024-40766 (CVSS score: 9.3), in its firewalls. 13o Gen 6 Firewalls – 6.5.2.8-2n

Firewall 126

Firewall Firmware Malware Internet 126

Security Affairs

NOVEMBER 15, 2024

The vulnerabilities reside in the Palo Alto Networks’ Expedition solution, which is a migration tool designed to help organizations move configurations from other firewall platforms (like Check Point, Cisco, and others) to Palo Alto’s PAN-OS. reads the advisory. CISA orders federal agencies to fix this vulnerability by December 5, 2024.

Firewall 109

Firewall Passwords Authentication Phishing 109

Security Affairs

APRIL 19, 2025

. “It is important to note that even fully patched firewall devices may still become compromised if accounts use poor password hygiene.”

Passwords 106

Passwords VPN Firewall Accountability 106

Security Affairs

SEPTEMBER 19, 2023

Researchers discovered approximately 12,000 Juniper SRX firewalls and EX switches vulnerable to a recently disclosed CVE-2023-36845 RCE flaw. VulnCheck researchers discovered approximately 12,000 internet-exposed Juniper SRX firewalls and EX switches that are vulnerable to the recently disclosed remote code execution flaw CVE-2023-36845.

Firewall 141

Firewall Internet Internet Authentication 141

Security Affairs

NOVEMBER 7, 2024

CVE-2024-5910 – In July, Palo Alto Networks released security updates to address five security flaws impacting its products, the most severe issue, tracked as CVE-2024-5910 (CVSS score: 9.3), is a missing authentication for a critical function in Palo Alto Networks Expedition that can lead to an admin account takeover.

Firewall 125

Firewall Authentication Accountability Risk 125

Security Affairs

FEBRUARY 27, 2024

Taiwanese vendor Zyxel warns of security vulnerabilities in its firewalls and access points, including a remote code execution flaw. Taiwanese networking vendor Zyxel addressed four vulnerabilities, respectively tracked as CVE-2023-6397 , CVE-2023-6398 , CVE-2023-6399 , and CVE-2023-6764 , in its firewalls and access points.

Firewall 137

Firewall VPN Authentication Hacking 137

Security Affairs

JUNE 24, 2021

Networking equipment giant Zyxel warns customers of a series of attacks that have been targeting some of its enterprise firewall and VPN devices. Networking equipment vendor Zyxel warned its customers of a series of attacks that have been targeting some of its enterprise firewall and VPN server solutions. Pierluigi Paganini.

VPN 143

VPN Firewall Firmware Authentication 143

Security Affairs

FEBRUARY 5, 2021

Security vendor Fortinet has addressed four vulnerabilities in FortiWeb web application firewalls, including a Remote Code Execution flaw. Fortinet has addressed four vulnerabilities in FortiWeb web application firewalls that were reported by Positive Technologies expert Andrey Medov. . SecurityAffairs – hacking, Fortinet).

Firewall 143

Firewall System Administration Technology Hacking 143

Security Affairs

JANUARY 1, 2021

Impacted devices include Unified Security Gateway (USG), ATP, USG FLEX and VPN firewalls products. Affected product series Patch available in Firewalls ATP series running firmware ZLD V4.60 Someone could for example change firewall settings to allow or block certain traffic. SecurityAffairs – hacking, Zyxel).

Firewall 145

Firewall VPN Firmware Passwords 145

Security Affairs

DECEMBER 3, 2023

Taiwanese vendor Zyxel addressed tens of vulnerabilities in its firewalls and access points. CVE-2023-35139 – A cross-site scripting (XSS) vulnerability in the CGI program of some firewall versions could allow an unauthenticated LAN-based attacker to store malicious scripts in a vulnerable device.

Firewall 130

Firewall Authentication VPN Cyber Attacks 130

Security Affairs

MAY 1, 2024

Infoblox researchers observed China-linked threat actors Muddling Meerkat using sophisticated DNS activities since 2019 to bypass traditional security measures and probe networks worldwide. Pierluigi Paganini Follow me on Twitter: @securityaffairs and Facebook and Mastodon ( SecurityAffairs – hacking, DNS)

DNS 141

DNS Firewall DDOS Hacking 141

Security Affairs

OCTOBER 9, 2024

Palo Alto fixed critical flaws in PAN-OS firewalls, warning that attackers could chain these vulnerabilities to hijack the devices. Palo Alto Networks addressed multiple vulnerabilities that an attacker can chain to hijack PAN-OS firewalls. ” reads the advisory. ” reads the advisory.

Firewall 128

Firewall Passwords Authentication Phishing 128

Security Affairs

MARCH 29, 2024

Cisco warns customers of password-spraying attacks that have been targeting Remote Access VPN (RAVPN) services of Cisco Secure Firewall devices. Cisco is warning customers of password-spraying attacks that have been targeting Remote Access VPN (RAVPN) services configured on Cisco Secure Firewall devices.

Firewall 131

Firewall Passwords VPN Authentication 131

Security Affairs

DECEMBER 13, 2023

Sophos backports the patch for CVE-2022-3236 for end-of-life (EOL) firewall firmware versions due to ongoing attacks exploiting the issue. The security firm reported that this vulnerability is being used in attacks against a small set of specific organizations, primarily in South Asia. reads the advisory. “A reads the advisory.

Firmware 131

Firmware Firewall Internet Internet 131

Security Affairs

OCTOBER 29, 2024

The two infostealers allowed operators to harvest usernames, passwords, contact info, and crypto-wallets from victims, the threat actors sold this data to criminals for financial theft and hacking. Update software : Keep your operating system, security software, and firewall up to date to patch vulnerabilities.

Identity Theft 125

Identity Theft Passwords Malware Banking 125

Security Affairs

JANUARY 12, 2024

Juniper Networks fixed a critical pre-auth remote code execution (RCE) flaw, tracked as CVE-2024-21591, in its SRX Series firewalls and EX Series switches. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Juniper ) ” reads the advisory published by the vendor.

Firewall 134

Firewall Hacking Software Information Security 134

Security Affairs

JUNE 25, 2021

Fortinet has recently fixed a high-severity vulnerability affecting its FortiWeb web application firewall (WAF) that can be exploited by remote attackers to execute arbitrary commands. The vulnerability in the management interface of FortiWeb firewall was discovered by Andrey Medov, from cybersecurity firm Positive Technologies.

Hacking 136

Hacking Firewall Authentication Technology 136

Security Affairs

JANUARY 7, 2021

An expert found multiple serious vulnerabilities in Fortinet’s FortiWeb web application firewall (WAF) that could expose corporate networks to hack. The flaws, tracked as CVE-2020-29015 , CVE-2020-29016 , CVE-2020-29018 , and CVE-2020-29019 , have been already addressed by Fortinet with the release of security patches.

Hacking 140

Hacking Firewall Technology Information Security 140

Security Affairs

JUNE 2, 2025

By leveraging counter antivirus services, malicious actors refine their weapons against the worlds toughest security systems to better slip past firewalls, evade forensic analysis, and wreak havoc across victims systems.

Antivirus 110

Antivirus Cybercrime Malware Firewall 110

Security Affairs

NOVEMBER 2, 2024

Sophos used custom implants to monitor China-linked thret actors targeting firewall zero-days in a years-long battle. Improved operational security, including disrupting firewall telemetry to hinder detection and minimize their digital footprint.

Firmware 121

Firmware Government Firewall Malware 121

Security Affairs

DECEMBER 9, 2023

Threat actors hacked a small water utility in Ireland and interrupted the water supply for two days. “Our caretaker went down and when he got to the pumphouse, up on the screen was a sign ‘You have been hacked’. ” Mr Walsh announced that the water facility is currently improving their security systems. .”

Hacking 145

Hacking Firewall Cyber Attacks Media 145

Security Affairs

OCTOBER 13, 2024

The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000!

Data breaches 116

Data breaches Cryptocurrency Cybercrime Artificial Intelligence 116