Security Affairs

FEBRUARY 23, 2022

Sandworm (aka BlackEnergy and TeleBots) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). According to WatchGuard , Cyclops Blink may have affected roughly 1% of all active WatchGuard firewall appliances.

Malware 112

Malware Firmware Architecture Firewall 112

Malwarebytes

JULY 15, 2021

The exploitation targets a known vulnerability that has been patched in newer versions of SonicWall firmware. x versions of the firmware. x firmware. x firmware versions. SSL-VPN 200/2000/400 (EOL 2013/2014) disconnect immediately and reset passwords. SMA 210/410/500v (Actively Supported) update firmware to 9.0.0.10-28sv

Ransomware 89

Ransomware Firmware VPN Passwords 89

Security Affairs

APRIL 6, 2022

“The operation copied and removed malware from vulnerable internet-connected firewall devices that Sandworm used for command and control (C2) of the underlying botnet.” The malware leverages the firmware update process to achieve persistence. ” reads the press release published by DoJ. ” reads the DoJ.

Malware 98

Malware Government Firmware Firewall 98

Security Affairs

OCTOBER 20, 2018

CVE-2018-18472 – XXE and Unauthenticated Remote Command Execution in Axentra Hipserv NAS firmware. . It’s used in different devices from different vendors, the affected devices sharing the firmware are: Netgear Stora. The company provides a firmware with a web interface that mainly uses PHP as a serverside language.

Firmware 94

Firmware IoT VPN Authentication 94

eSecurity Planet

MARCH 30, 2023

Although best known for their industry-leading firewall technology, Fortinet harnesses their knowledge of network protection to create a powerful network access control (NAC) solution. Founded in 2000 , Sunnyvale, California headquartered Fortinet’s flagship FortiGate provides enterprise-grade firewall solutions.

IoT 92

IoT Firewall Wireless Mobile 92

eSecurity Planet

JULY 1, 2024

June 25, 2024 Critical Flaw in MOVEit Transfer Impacts Over 2000 Instances Type of vulnerability: Authentication bypass and improper authentication. Employing web application firewalls (WAF) can also mitigate SQL injection risks. Apple AirPods Firmware Update Fixes Major Flaws Type of vulnerability: Authentication bypass.

Risk 63

Risk Authentication Firmware Software 63

eSecurity Planet

DECEMBER 7, 2023

The three innovators and MIT patented the RSA algorithm, a proprietary system available through RSA Security until its public release in 2000. This feature can be included in firmware, in operating systems, or as a feature in open-source, shareware, or commercial applications.

Encryption 104

Encryption Authentication Passwords Password Management 104