Security Affairs

JUNE 24, 2021

Networking equipment giant Zyxel warns customers of a series of attacks that have been targeting some of its enterprise firewall and VPN devices. Networking equipment vendor Zyxel warned its customers of a series of attacks that have been targeting some of its enterprise firewall and VPN server solutions.

VPN 144

VPN Firewall Firmware Authentication 144

Security Affairs

OCTOBER 24, 2024

Cisco addressed multiple vulnerabilities in Adaptive Security Appliance (ASA), Secure Firewall Management Center (FMC), and Firepower Threat Defense (FTD) products, including an actively exploited flaw tracked as CVE-2024-20481. is a Denial of Service (DoS) issue that impacts the Remote Access VPN (RAVPN) service of ASA and FTD.

VPN 124

VPN Firewall Passwords Software 124

Security Affairs

NOVEMBER 16, 2024

Palo Alto Networks confirmed active exploitation of a zero-day in its PAN-OS firewall and released new indicators of compromise (IoCs). Last week, Palo Alto Networks warned customers to limit access to their next-gen firewall management interface due to a potential remote code execution vulnerability (CVSSv4.0 Base Score: 9.3)

Firewall 127

Firewall Internet Internet VPN 127

Security Affairs

JANUARY 1, 2021

Impacted devices include Unified Security Gateway (USG), ATP, USG FLEX and VPN firewalls products. Affected product series Patch available in Firewalls ATP series running firmware ZLD V4.60 2020 VPN series running firmware ZLD V4.60 Someone could for example change firewall settings to allow or block certain traffic.

Firewall 145

Firewall VPN Firmware Passwords 145

Security Affairs

MARCH 14, 2025

Operators behind the SuperBlack ransomware exploited two vulnerabilities in Fortinet firewalls for recent attacks. “When the firewall had VPN capabilities, the threat actor created local VPN user accounts with names resembling legitimate accounts but with an added digit at the end. ” reads the report.

Firewall 67

Firewall Ransomware VPN Encryption 67

Cisco Security

DECEMBER 14, 2022

Introduction to Cisco Secure Firewall 7.3. Cisco’s latest release of Secure Firewall operating system, Secure Firewall Threat Defence Version 7.3, addresses key concerns for today’s firewall customers. allows for the fingerprinting of traffic that is using the QUIC Protocol in Secure Firewall 7.3.

Firewall 145

Firewall VPN Encryption DNS 145

Cisco Security

MAY 26, 2021

This is where Cisco Secure Firewall Cloud Native (SFCN) comes in. Cisco Secure Firewall Cloud Native brings together the benefits of Kubernetes and Cisco’s industry-leading security technologies, providing a resilient architecture for infrastructure security at scale. Redis DB: The Redis database has information on VPN sessions.

Firewall 132

Firewall VPN Architecture DNS 132

Security Affairs

APRIL 19, 2025

Arctic Wolf has uncovered an active campaign, running from January to April 2025, targeting SonicWall SMA 100 series appliances to steal VPN credentials. “It is important to note that even fully patched firewall devices may still become compromised if accounts use poor password hygiene.”

Passwords 107

Passwords Firewall VPN Accountability 107

Security Affairs

MAY 26, 2022

Zyxel addressed multiple vulnerabilities impacting many of its products, including APs, AP controllers, and firewalls. Zyxel has released security updates to address multiple vulnerabilities affecting multiple products, including firewall, AP, and AP controller products. Follow me on Twitter: @securityaffairs and Facebook.

Firewall 141

Firewall Authentication VPN Cyber Attacks 141

Cisco Security

APRIL 6, 2022

“I so look forward to the next firewall hardware upgrade cycle!”. – If I learned one thing from my firewall customers over the many years, it would be that they like to upgrade their hardware appliances as much as an average consumer likes to shop for a new car. This is how the new mid-range Secure Firewall 3100 Series was born.

Firewall 145

Firewall Architecture Encryption VPN 145

Security Affairs

SEPTEMBER 29, 2021

CISA and the NSA agencies have published guidance for securely using virtual private network (VPN) solutions. Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have released guidance for increasing the security of virtual private network (VPN) solutions.

VPN 144

VPN Government Firmware Authentication 144

Security Affairs

OCTOBER 25, 2024

is a Denial of Service (DoS) issue that impacts the Remote Access VPN (RAVPN) service of ASA and FTD. An attacker could exploit this vulnerability by sending a large number of VPN authentication requests to an affected device. Services that are not related to VPN are not affected.” reads the advisory. continues the advisory.

VPN 114

VPN Firewall Technology Passwords 114

Security Affairs

MAY 25, 2023

Zyxel fixed two critical flaws in multiple firewall and VPN products that can lead to remote code execution or cause a DoS condition. Zyxel addressed two critical buffer overflow vulnerabilities, tracked as CVE-2023-33009 and CVE-2023-33010 , that affect several of its firewall and VPN products. Patch 2 VPN ZLD V4.30

Firewall 98

Firewall VPN Authentication Hacking 98

Security Affairs

MARCH 29, 2024

Cisco warns customers of password-spraying attacks that have been targeting Remote Access VPN (RAVPN) services of Cisco Secure Firewall devices. Cisco is warning customers of password-spraying attacks that have been targeting Remote Access VPN (RAVPN) services configured on Cisco Secure Firewall devices.

Firewall 132

Firewall Passwords VPN Authentication 132

Security Affairs

OCTOBER 16, 2020

The Tripwire VERT security team spotted almost 800,000 SonicWall VPN appliances exposed online that are vulnerable to the CVE-2020-5135 RCE flaw. Security experts from the Tripwire VERT security team have discovered 795,357 SonicWall VPN appliances that were exposed online that are vulnerable to the CVE-2020-5135 RCE flaw.

VPN 142

VPN Firewall Advertising Internet 142

Security Affairs

FEBRUARY 27, 2024

Taiwanese vendor Zyxel warns of security vulnerabilities in its firewalls and access points, including a remote code execution flaw. Taiwanese networking vendor Zyxel addressed four vulnerabilities, respectively tracked as CVE-2023-6397 , CVE-2023-6398 , CVE-2023-6399 , and CVE-2023-6764 , in its firewalls and access points.

Firewall 138

Firewall VPN Authentication Hacking 138

Security Affairs

MAY 29, 2024

Check Point released hotfixes for a VPN zero-day vulnerability, tracked as CVE-2024-24919, which is actively exploited in attacks in the wild. Check Point released hotfixes to address a VPN zero-day vulnerability, tracked as CVE-2024-24919 , which is actively being exploited in attacks in the wild. Impacted versions are R80.20.x,

VPN 126

VPN Authentication Passwords Accountability 126

The Last Watchdog

MARCH 6, 2021

Remote workers face having both their personal and work-related information compromised. Many people use a virtual private network (VPN) to bypass geographic restrictions on streaming sites or other location-specific content. Since a VPN tunnels traffic through a server in a location of your choosing. Set up firewalls.

VPN 214

VPN Firewall Antivirus Risk 214

Security Affairs

APRIL 16, 2024

Cisco Talos warns of large-scale brute-force attacks against a variety of targets, including VPN services, web application authentication interfaces and SSH services.

VPN 141

VPN Firewall Authentication Hacking 141

Malwarebytes

NOVEMBER 6, 2024

A stolen or lost device is stressful enough without having to worry about confidential information. Use a firewall and VPN A firewall protects an entry point to a network while a VPN creates an encrypted tunnel between two networks. Know what legal body you need to inform in case of a breach.

Small Business 99

Small Business Backups Firewall VPN 99

eSecurity Planet

NOVEMBER 1, 2021

Firewalls are as central to IT security as antivirus programs are to PCs, and the multi-billion-dollar market remains large and growing. But the term “firewall” is far too broad to be of much use to IT security buyers. Types of Firewalls. What is a Firewall? Firewalls protect both on-premises and cloud environments.

Firewall 113

Firewall Small Business Marketing Software 113

Security Affairs

MAY 8, 2024

TunnelVision is a new VPN bypass technique that enables threat actors to spy on users’ traffic bypassing the VPN encapsulation. Leviathan Security researchers recently identified a novel attack technique, dubbed TunnelVision, to bypass VPN encapsulation. The researchers referred to this result as “decloaking.”

VPN 135

VPN Firewall Marketing Encryption 135

eSecurity Planet

NOVEMBER 4, 2021

We use passwords to authenticate our users, run antivirus to keep malware off our endpoints , monitor our networks, and implement firewalls so we can have multiple defenses against attackers. This makes the protocol vulnerable to man-in-the-middle attacks where an attacker can intercept and see all information packets.

VPN 123

VPN Firewall Encryption Passwords 123

Security Affairs

OCTOBER 29, 2024

“Through Eurojust, authorities were able to quickly exchange information and coordinate actions to take down the infostealers.” Update software : Keep your operating system, security software, and firewall up to date to patch vulnerabilities. ” reads the press release published by Eurojust.

Identity Theft 126

Identity Theft Malware Passwords Banking 126

Security Affairs

JULY 16, 2020

Cisco has released security updates to address critical remote code execution (RCE), authentication bypass, and static default credential vulnerabilities affecting multiple router and firewall devices. The post Cisco fixes 5 critical flaws that could allow router firewall takeover appeared first on Security Affairs.

Firewall 133

Firewall Small Business Wireless Authentication 133

Security Affairs

SEPTEMBER 8, 2023

CISA warned that nation-state actors are exploiting flaws in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus. Cybersecurity and Infrastructure Security Agency (CISA) warned that nation-state actors are exploiting security vulnerabilities in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus.

VPN 141

VPN Firewall Accountability Cybersecurity 141

Security Affairs

DECEMBER 3, 2023

Taiwanese vendor Zyxel addressed tens of vulnerabilities in its firewalls and access points. CVE-2023-35139 – A cross-site scripting (XSS) vulnerability in the CGI program of some firewall versions could allow an unauthenticated LAN-based attacker to store malicious scripts in a vulnerable device.

Firewall 131

Firewall Authentication VPN Cyber Attacks 131

eSecurity Planet

FEBRUARY 9, 2024

A next generation firewall (NGFW) performs deep packet inspection to check the contents of the data flowing through the firewall. Unlike more basic firewalls that only check the header of data packets, NGFWs examine and evaluate the payload data within the packet. Application Sending and receiving application information 6.

Firewall 113

Firewall Encryption Malware Artificial Intelligence 113

Security Affairs

NOVEMBER 13, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The Volt Typhoon group has been active since at least mid-2021 it carried out cyber operations against critical infrastructure.

VPN 124

VPN Government Malware Manufacturing 124

Security Affairs

JUNE 29, 2020

Palo Alto Networks addressed a critical flaw in the PAN-OS of its next-generation firewalls that could allow attackers to bypass authentication. OS ) that powers its next-generation firewalls that could allow unauthenticated network-based attackers to bypass authentication. x base score of 10. . Pierluigi Paganini.

Firewall 125

Firewall Authentication VPN Advertising 125

eSecurity Planet

AUGUST 27, 2024

A virtual private network (VPN) does more than just mask your identity—it fundamentally changes how your data moves across the internet. But what’s really going on under the hood when you browse the web using a VPN? Step 3: Data Transmission to the VPN Server The encrypted data is then transmitted to the VPN server.

VPN 103

VPN Encryption Internet Internet 103

Security Affairs

NOVEMBER 11, 2021

Palo Alto Networks warns of an easy exploitable Remote Code Execution vulnerability in its GlobalProtect VPN product. Exploitation of these together yields remote code execution under the privileges of the affected component on the firewall device.” SecurityAffairs – hacking, GlobalProtect VPN ). Pierluigi Paganini.

VPN 129

VPN Firewall Hacking Internet 129

Security Affairs

JUNE 12, 2023

Fortinet released security updates to fix a critical security flaw in its FortiGate firewalls that lead to remote code execution. Fortinet has released security patches to address a critical security vulnerability, tracked as CVE-2023-27997, in its FortiGate firewalls. This is reachable pre-authentication, on every SSL VPN appliance.

Firewall 98

Firewall VPN Authentication Media 98

Security Affairs

APRIL 24, 2024

Nation-state actor UAT4356 has been exploiting two zero-days in ASA and FTD firewalls since November 2023 to breach government networks. Additionally, Line Dancer hooks into the crash dump and AAA processes to evade forensic analysis and establish remote access VPN tunnels.

Firewall 133

Firewall Government VPN Authentication 133

Malwarebytes

MAY 7, 2021

A Virtual Private Network (VPN) creates a safe “tunnel” between you and a computer you trust (normally your VPN provider) to protect your traffic from spying and manipulation. Any VPN worth its money encrypts the information that passes through it, so in this article we will ignore those that don’t use encryption.

VPN 105

VPN Encryption Internet Internet 105

Security Affairs

SEPTEMBER 24, 2022

Sophos warns that a critical code injection security vulnerability in its Firewall product is actively exploited in the wild. Sophos warns of a critical code injection security vulnerability, tracked as CVE-2022-3236, affecting its Firewall product which is being exploited in the wild. and impacts Firewall versions 18.5

Firewall 100

Firewall VPN Authentication Hacking 100

Security Affairs

MARCH 27, 2022

Sophos has addressed a critical vulnerability, tracked as CVE-2022-1040, in its Sophos Firewall that allows remote code execution (RCE). Sophos has fixed an authentication bypass vulnerability, tracked as CVE-2022-1040, that resides in the User Portal and Webadmin areas of Sophos Firewall. and impacts Sophos Firewall versions 18.5

Firewall 100

Firewall Authentication VPN Hacking 100