Krebs on Security

AUGUST 27, 2024

Malicious hackers are exploiting a zero-day vulnerability in Versa Director , a software product used by many Internet and IT service providers. In a security advisory published Aug. Researchers believe the activity is linked to Volt Typhoon , a Chinese cyber espionage group focused on infiltrating critical U.S. ”

Internet 343

Internet Internet Technology Engineering 343

Security Affairs

FEBRUARY 19, 2025

Palo Alto Networks warns that the vulnerability CVE-2025-0111 is actively exploited with two other flaws to compromise PAN-OS firewalls. Palo Alto Networks warns that threat actors are chaining the vulnerability CVE-2025-0111 with two other vulnerabilities, tracked as CVE-2025-0108 with CVE-2024-9474 , to compromise PAN-OS firewalls.

Firewall 108

Firewall Authentication Architecture Internet 108

Security Affairs

APRIL 26, 2020

Cybersecurity firm Sophos releases an emergency patch to address an SQL injection flaw in its XG Firewall product that has been exploited in the wild. Cybersecurity firm Sophos has released an emergency patch to address an SQL injection zero-day vulnerability affecting its XG Firewall product that has been exploited in the wild.

Firewall 145

Firewall Passwords Accountability Advertising 145

Security Affairs

JANUARY 15, 2024

Researchers from Bishop Fox found over 178,000 SonicWall next-generation firewalls (NGFW) publicly exploitable. Researchers from Bishop Fox used BinaryEdge source data to find SonicWall firewalls with management interfaces exposed to the internet. ” reads the advisory published by Bishop Fox.

Firewall 144

Firewall Hacking Firmware Internet 144

Security Affairs

JANUARY 31, 2021

Experts from Great Firewall Report analyzed recent upgrades to China’s Great Firewall and revealed that it can be circumvented. Members of the Great Firewall Report group have analyzed the recent improvement implemented for China’s Great Firewall censorship system and revealed that it is possible to bypass it.

Firewall 144

Firewall Surveillance Internet Internet 144

Security Affairs

SEPTEMBER 19, 2023

Researchers discovered approximately 12,000 Juniper SRX firewalls and EX switches vulnerable to a recently disclosed CVE-2023-36845 RCE flaw. VulnCheck researchers discovered approximately 12,000 internet-exposed Juniper SRX firewalls and EX switches that are vulnerable to the recently disclosed remote code execution flaw CVE-2023-36845.

Firewall 143

Firewall Internet Internet Authentication 143

Security Affairs

AUGUST 26, 2024

SonicWall addressed a critical flaw in its firewalls that could allow attackers to achieve unauthorized access to the devices. SonicWall has released security updates to address a critical vulnerability, tracked as CVE-2024-40766 (CVSS score: 9.3), in its firewalls. 13o Gen 6 Firewalls – 6.5.2.8-2n

Firewall 128

Firewall Firmware Malware Internet 128

Security Affairs

OCTOBER 10, 2019

A vulnerability in Sophos Cyberoam firewalls could be exploited by an attacker to gain access to a target’s internal network without authentication. Sophos addressed a vulnerability in its Cyberoam firewalls that could be exploited by an attacker to gain access to a company’s internal network without providing a password.

Firewall 106

Firewall VPN Passwords Internet 106

Security Affairs

DECEMBER 3, 2023

Taiwanese vendor Zyxel addressed tens of vulnerabilities in its firewalls and access points. CVE-2023-35139 – A cross-site scripting (XSS) vulnerability in the CGI program of some firewall versions could allow an unauthenticated LAN-based attacker to store malicious scripts in a vulnerable device.

Firewall 133

Firewall Authentication VPN Cyber Attacks 133

Security Affairs

JANUARY 1, 2021

Impacted devices include Unified Security Gateway (USG), ATP, USG FLEX and VPN firewalls products. Affected product series Patch available in Firewalls ATP series running firmware ZLD V4.60 Someone could for example change firewall settings to allow or block certain traffic. Patch1 in Dec. Patch1 in Dec. Patch1 in Dec.

Firewall 145

Firewall VPN Firmware Passwords 145

Security Affairs

DECEMBER 13, 2023

Sophos backports the patch for CVE-2022-3236 for end-of-life (EOL) firewall firmware versions due to ongoing attacks exploiting the issue. The security firm reported that this vulnerability is being used in attacks against a small set of specific organizations, primarily in South Asia. reads the advisory. “A reads the advisory.

Firmware 133

Firmware Firewall Internet Internet 133

Security Boulevard

MAY 6, 2021

The most important and integral part of any data security begins with having firewalls installed in the environment. Not just that, installing firewalls is an essential requirement of the Payment Card Industry Data Security Standard (PCI DSS ). What is a PCI DSS Compliant Firewall? Requirements. Description.

Small Business 100

Small Business Firewall Wireless Internet 100

Security Affairs

AUGUST 10, 2020

An attacker could use $300 worth of off-the-shelf equipment to eavesdrop and intercept signals from satellite internet communications. The academic researcher James Pavur, speaking at Black Hat 2020 hacking conference , explained that satellite internet communications are susceptible to eavesdropping and signal interception.

Internet 136

Internet Internet Advertising Encryption 136

Security Affairs

JUNE 1, 2023

Threat actors are actively exploiting a command injection flaw, tracked as CVE-2023-28771, in Zyxel firewalls to install malware. Threat actors are actively attempting to exploit a command injection vulnerability, tracked as CVE-2023-28771 , that impacts Zyxel firewalls. in its firewall devices.

Firewall 98

Firewall Firmware VPN DDOS 98

SiteLock

AUGUST 27, 2021

A web application firewall — also known as a WAF — is basically a website’s gatekeeper. You may think that your small business’s website doesn’t receive enough traffic to necessitate a gatekeeper, but consider this: More than 60% of all internet traffic is made up of bots. What Do Web Application Firewalls Protect Against?

Small Business 98

Small Business Firewall Retail Encryption 98

Security Affairs

SEPTEMBER 22, 2022

Threat actors targeted tens thousands of unauthenticated Redis servers exposed on the internet as part of a cryptocurrency campaign. The tool is not designed to be exposed on the Internet, however, researchers spotted tens thousands Redis instance publicly accessible without authentication. ” warns Censys. bash_history).

Cryptocurrency 120

Cryptocurrency Internet Internet Hacking 120

Security Affairs

MAY 13, 2022

Zyxel addressed a critical flaw affecting Zyxel firewall devices that allows unauthenticated, remote attackers to gain arbitrary code execution. Zyxel has moved to address a critical security vulnerability (CVE-2022-30525, CVSS score: 9.8) through ZLD V5.21 Patch 1 ZLD V5.30 USG FLEX 50(W) / USG20(W)-VPN ZLD V5.10 through ZLD V5.21

Firewall 98

Firewall Firmware VPN Wireless 98

Security Affairs

JULY 3, 2023

Researchers reported that there are 490,000 Fortinet firewalls exposing SSL VPN interfaces on the internet, and roughly 69% of them are still vulnerable to CVE-2023-27997. “If only 153,414 devices on the internet are patched, that leaves 335,923 / 489,337 = 69% unpatched.”

Firewall 98

Firewall VPN Firmware Internet 98

Security Affairs

SEPTEMBER 26, 2024

internet service providers (ISPs) as part of a cyber espionage campaign code-named Salt Typhoon. internet service providers in recent months as part of a cyber espionage campaign code-named Salt Typhoon. internet-service providers in recent months in pursuit of sensitive information, according to people familiar with the matter.”

Internet 132

Internet Internet DNS Telecommunications 132

Security Affairs

MAY 17, 2022

US Critical Infrastructure Security Agency (CISA) adds critical CVE-2022-30525 RCE flaw in Zyxel Firewalls to its Known Exploited Vulnerabilities Catalog. affecting Zyxel firewall devices that enables unauthenticated and remote attackers to gain arbitrary code execution as the “nobody” user. through ZLD V5.21 Patch 1 ZLD V5.30

Firewall 98

Firewall VPN Firmware Internet 98

Security Affairs

OCTOBER 13, 2024

A cyber attack hit Iranian government sites and nuclear facilities Ransomware operators exploited Veeam Backup & Replication flaw CVE-2024-40711 in recent attacks GitLab fixed a critical flaw that could allow arbitrary CI/CD pipeline execution Iran and China-linked actors used ChatGPT for preparing attacks Internet Archive data breach impacted (..)

Data breaches 119

Data breaches Cryptocurrency Cybercrime Artificial Intelligence 119

Security Affairs

SEPTEMBER 6, 2024

. “An improper access control vulnerability has been identified in the SonicWall SonicOS management access and SSLVPN, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash.” ” reads the SonicWall’s advisory. 5035 and older versions. ” reads the advisory.

Firewall 129

Firewall Passwords Internet Internet 129

Security Affairs

JUNE 27, 2023

Researchers at Censys have identified hundreds of devices deployed within federal networks that have internet-exposed management interfaces. The experts focused on roughly 1,300 of these hosts that were accessible online and discovered hundreds of devices with management interfaces exposed to the public internet.

Internet 98

Internet Internet Firewall Wireless 98

SecureList

DECEMBER 9, 2024

was used by tens of millions of websites approximately 4% of all sites on the internet which highlights the severity of the incident, whose full impact is yet to be determined. However, delegating tasks also introduces new information security challenges. Fortinet firewall vulnerabilities What happened?

Internet 114

Internet Internet Risk Social Engineering 114

The Last Watchdog

DECEMBER 31, 2019

Related: Good to know about IoT Physical security is often a second thought when it comes to information security. Despite this, physical security must be implemented correctly to prevent attackers from gaining physical access and taking whatever they desire.

Cyber Risk 173

Cyber Risk Risk Firewall Surveillance 173

Security Affairs

DECEMBER 4, 2024

These include scrutinizing network device configurations, implementing advanced monitoring solutions, and restricting internet exposure of management traffic. Enhancing secure logging, isolating device management, and enforcing strict access control lists (ACLs) are key strategies. are essential for protecting data.

Telecommunications 114

Telecommunications Government Mobile Cyber threats 114

CyberSecurity Insiders

JUNE 20, 2023

The terms computer security, information security and cybersecurity were practically non-existent in the 1980s, but believe it or not, firewalls have existed in some form since that time. But what sets NGFWs apart from traditional firewalls? NGFWs offer several advantages over traditional firewalls.

Firewall 76

Firewall Network Security Architecture Digital transformation 76

Security Affairs

MAY 28, 2025

PumaBot skips broad internet scans and instead pulls a list of targets from its C2 server to brute-force SSH logins. Finally, secure SSH access by limiting exposure of port 22 with strict firewall rules. Once in, it runs remote commands and sets up persistence by creating system service files.

Surveillance 76

Surveillance IoT Malware Manufacturing 76

Security Affairs

NOVEMBER 13, 2023

At the end of August, watchTowr Labs security researchers published a proof-of-concept exploit (PoC) exploit code for vulnerabilities in Juniper SRX firewalls. The Juniper firewalls use the Appweb web server. The affected firewalls run FreeBSD, and every FreeBSD process can access their stdin by opening /dev/fd/0.

Firewall 139

Firewall Authentication Internet Internet 139

Security Affairs

JUNE 25, 2021

Fortinet has recently fixed a high-severity vulnerability affecting its FortiWeb web application firewall (WAF) that can be exploited by remote attackers to execute arbitrary commands. The vulnerability in the management interface of FortiWeb firewall was discovered by Andrey Medov, from cybersecurity firm Positive Technologies.

Hacking 138

Hacking Firewall Authentication Technology 138

Daniel Miessler

MAY 14, 2020

I wrote an article recently on how to secure your home network in three different tiers of protection. In that piece I wanted to link to some safe internet practices—which some used to call Safe Hex—but I couldn’t find anything newer than nine years old. don’t install software from random places on the internet.

Risk 345

Risk Passwords Password Management Accountability 345

Cisco Security

FEBRUARY 15, 2022

Cisco helped the NFL achieve a strong, continuously available and protected Super Bowl enterprise network through a mix of cloud and on-premises security technology, up-to-the-minute threat intelligence, and some of the industry’s most talented cybersecurity professionals.

Firewall 145

Firewall Technology Malware Network Security 145

Security Affairs

DECEMBER 11, 2024

. “Additionally, Visual Studio Code tunneling involves executables signed by Microsoft and Microsoft Azure network infrastructure, both of which are often not closely monitored and are typically allowed by application controls and firewall rules. As a result, this technique may be challenging to detect and could evade security defenses.”

Firewall 77

Firewall Malware Accountability Technology 77

Security Affairs

OCTOBER 16, 2020

. “A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall. “This flaw exists pre-authentication and within a component (SSLVPN) which is typically exposed to the public Internet.”

VPN 143

VPN Firewall Advertising Internet 143

The Last Watchdog

MAY 19, 2022

As every computer security professional knows, if anything is on the Internet, it’s subject to increasingly sophisticated attacks. percent of CMS users worry about the security of their CMS—while 46.4 percent actually had a CMS security issue affect their content. All APIs should use the TLS v1.2 (or

Data breaches 262

Data breaches Encryption Mobile Technology 262

Security Affairs

NOVEMBER 8, 2024

Palo Alto Networks warns customers to restrict access to their next-generation firewalls because of a potential RCE flaw in the PAN-OS management interface. Palo Alto Networks warns customers to limit access to their next-gen firewall management interface due to a potential remote code execution vulnerability in PAN-OS.

Firewall 103

Firewall Authentication Internet Internet 103

Security Affairs

AUGUST 22, 2021

The team focused its analysis on Windows Firewall and AppContainer that were designed by Microsoft to limit the attack surface of applications. “Recently I’ve been delving into the inner workings of the Windows Firewall. ” reads the security advisory published by Microsoft. ” wrote Forshaw.

Firewall 129

Firewall Internet Internet Hacking 129