Hard drive giant Western Digital is urging users of its MyBook Live brand of network storage drives to disconnect them from the Internet, warning that malicious hackers are remotely wiping the drives using a critical flaw that can be triggered by anyone who knows the Internet address of an affected device.
Cybersecurity firm Sophos releases an emergency patch to address an SQL injection flaw in its XG Firewall product that has been exploited in the wild. Cybersecurity firm Sophos has released an emergency patch to address an SQL injection zero-day vulnerability affecting its XG Firewall product that has been exploited in the wild.
A vulnerability in Sophos Cyberoam firewalls could be exploited by an attacker to gain access to a target’s internal network without authentication. Sophos addressed a vulnerability in its Cyberoam firewalls that could be exploited by an attacker to gain access to a company’s internal network without providing a password.
I recently sat down with Gadi Naor, CTO and co-founder of Alcide, to learn more about the “microservices firewall” this Tel Aviv-based security start-up is pioneering. Then on June 7, 2014, Google released Kubernetes – Greek for helmsman – to the open source software community. Talk more soon.
An attacker could use $300 worth of off-the-shelf equipment to eavesdrop and intercept signals from satellite internet communications. The academic researcher James Pavur, speaking at Black Hat 2020 hacking conference, explained that satellite internet communications are susceptible to eavesdropping and signal interception.
Researchers reported that there are 490,000 Fortinet firewalls exposing SSL VPN interfaces on the internet, and roughly 69% of them are still vulnerable to CVE-2023-27997. “If only 153,414 devices on the internet are patched, that leaves 335,923 / 489,337 = 69% unpatched,” continues the report.
“A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall.” “This flaw exists pre-authentication and within a component (SSLVPN) which is typically exposed to the public Internet.”
The Shadowserver Foundation is a nonprofit security organization working altruistically behind the scenes to make the Internet more secure for everyone. The researchers scanned the Internet for printers that are exposing their Internet Printing Protocol (IPP) port online. and printers (or print servers).
Locking down web gateways and erecting a robust firewall were considered the be-all and end-all. Related: The shared burden of securing the Internet of Things. Company networks must support endless permutations of users and apps, both on-premises and in the Internet cloud. Fast forward to the 21st Century’s third decade.
Cisco fixed CVE-2020-3452, a high-severity path traversal flaw in its firewalls that can be exploited by remote attackers to obtain sensitive files from the targeted system. Researchers from Rapid7 scanned the Internet for ASA/FTD devices and reported the presence of 85,000 units, 398 of which are spread across 17% of the Fortune 500.
A DoS attack that caused disruptions at a power utility in the United States exploited a flaw in a firewall used in the facility. The incident took place earlier this year; threat actors exploited a known vulnerability in a firewall used by the affected facility to cause disruption. and 7 p.m., power grid (Energywire, April 30).
Juniper Networks addressed several vulnerabilities in its firewalls, most of which can be exploited by attackers for denial-of-service (DoS) attacks. Pierluigi Paganini.
Below are the recommendations provided by ESET on how to configure remote access correctly: Disable internet-facing RDP. If that is not possible, minimize the number of users allowed to connect directly to the organization’s servers over the internet.
Security experts Adam Nichols from GRIMM and d4rkn3ss from the Vietnamese internet service provider VNPT have independently reported a severe unpatched security vulnerability that affects 79 Netgear router models. “This could be accomplished in a number of ways, most notably with firewall rules/whitelisting.”
In December 2018, security experts from Trend Micro discovered that some machine-to-machine (M2M) protocols can be abused to attack IoT and industrial Internet of Things (IIoT) systems. Configure network firewalls to block unauthorized IP addresses and disable port forwarding. Pierluigi Paganini. (SecurityAffairs – hacking, FBI).
Microsoft declared that an Emotet attack took down an organization’s network by overheating all the computers and bringing its Internet access down. “He’d been told the organization had an extensive system to prevent cyberattacks, but this new virus evaded all their firewalls and antivirus software.” Pierluigi Paganini.
XorDDoS, a Linux Trojan known for its modularity and stealth, was first discovered in 2014 by the white hat research group, MalwareMustDie (MMD). Microsoft says it’s recorded a massive increase in XorDDoS activity (254 percent) in the last six months. MMD believed the Linux Trojan originated in China.
To perform the experiment, we used Internet of Things (IoT) search engines to search for open devices that utilized common printer ports and protocols. After filtering out most of the false positives, we were left with more than 800,000 printers that had network printing features enabled and were accessible over the internet.
“Unlike other IoT DDoS botnets, Ttint implements 12 remote access functions such as Socket5 proxy for router devices, tampering with router firewall and DNS settings, executing remote custom system commands,” concludes the report.
“The worm also steals local credentials, and scans the internet for misconfigured Docker platforms.” Use firewall rules to limit any access to Docker APIs. We strongly recommend using a whitelisted approach for your firewall ruleset.
The exploitation of this vulnerability could cause major problems on the Internet. million servers running RPCBIND on the Internet. On that day, one of the web application firewalls (WAFs) installed in the XLabs SOC (security operations center) detected an abnormal pattern of network traffic that caught the eye of Mauricio.
Cloud security firm Aqua Security uncovered a hacking campaign carried out during the past months; hackers are scanning the Internet for Docker servers running API ports exposed without a password. Experts also recommend accessing admin endpoints only through a firewall or VPN gateway. ” concludes the experts. Pierluigi Paganini.
China continues to intensify its monitoring of cyberspace and its persecution of VPN services that could be used to bypass its censorship system, known as the Great Firewall. The Great Firewall project has already blocked access to hundreds of the world’s 1,000 top websites, including Google, Facebook, Twitter, and Dropbox.
Enable a personal firewall on agency workstations, configured to deny unsolicited connection requests. Scan all software downloaded from the Internet prior to executing.
CISA also published a security advisory for these vulnerabilities; the US agency provided the following recommendations to the users: Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.
Even a device that is reaching outbound to the internet could be attacked and taken over. “As an example of this scenario, consider how such an attack can take over the SonicWall firewall, which runs on the impacted VxWorks OS.”
Caz-bees first took shape as a cottage industry circa 2013 to 2014 in response to a cry for help from companies reeling from new Shadow IT exposures: the risk created by early-adopter employees, quite often the CEO, insisting on using the latest smartphone and Software-as-a-Services tools, without any shred of security vetting.
In addition, we’re shooting for 7x24x365 uptime as we continue to scale with improved Web App Firewalls, Content Delivery Networks (CDNs) around the Globe, Faster and More Secure DNS and CyberDefenseMagazineBackup.com up and running as an array of live mirror sites.
Your IP or Internet Protocol address is your digital identity on the internet. It may be used to download unauthorized stuff or may be used for uploading disputed content on the internet. It disguises your original identity and location and allows you to access the internet from a remote server. Secure Your Router.
One in four internet users use a VPN regularly, but how much does the average user know about what goes on behind the software? Different protocols create different ways that connect your device and the internet through encrypted tunnels. Firewalls can easily block it because it only communicates over UDP.
In addition to installing the patches from Microsoft, Windows users can mitigate attacks: Block TCP Port 3389 at your firewalls, especially any perimeter firewalls exposed to the internet. Enable Network Level Authentication. Pierluigi Paganini.
The hackers targeted unnamed companies in software development, e-commerce, and an internet service provider around the world, including Poland, Germany, Turkey, Korea, Japan, and India. MATA is also able to target Linux-based diskless network devices, such as routers, firewalls, or IoT devices. Pierluigi Paganini.
Linear eMerge E3 smart building access systems designed by Nortek Security & Control (NSC) are affected by a severe vulnerability (CVE-2019-7256) that has yet to be fixed and attackers are actively scanning the internet for vulnerable devices. Passwords can be found in product documentation and compiled lists available on the Internet.”
Specifically, users should: Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet. Locate control system networks and remote devices behind firewalls, and isolate them from the business network. Pierluigi Paganini. (Security Affairs – WECON, SCADA).
The Great Cannon has been used in the past to knock-out two anti-censorship GitHub pages and the GreatFire.org (a portal that exposes internet censorship worldwide).
“Do not leave the product directly exposed to the internet. If possible, connect it to a security router or firewall for additional protection,” Zyxel recommends. CERT/CC also provides mitigations such as blocking access to the web interface (80/tcp and 443/tcp) and avoiding exposing the NAS to the Internet.
Sniffer plug-in – injects malicious scripts into a victim’s browser, usually while visiting internet banking sites. The malware also implemented the RDP plug-in because the protocol is less likely to be blocked by firewalls; experts also highlighted that the RDPWrap allows several users to use the same machine concurrently.
It is better to use ICAP (Internet Content Adaptation Protocol) servers or excellent Antivirus systems to protect the data of your company. API Firewalling.
2018 was the year of the Internet of Things (IoT), massive attacks and various botnets hit smart devices. These are 5 IoT Security Predictions for 2019. Attacks that infect a high volume of devices with a direct internet interface (i.e.,
“Launching Password Cracking Telnet Scans and Infecting Devices: After the execution of binary, it was also noticed that Ares triggered scanning for exposed Telnet services on the Internet in order to compromise them using password based scanning attempts as shown in Figure 3,” continues the analysis. Pierluigi Paganini.
“CVE-2019-10149, which was first discovered on June 5, is now being used as the vulnerability for a widespread campaign to attack exim servers and propagate across the Internet,” reads a blog post published by Cybereason.
The devices continue to leak the information even when their firewall is turned on. Unfortunately, the flaw is very easy to exploit, and it is possible. Pierluigi Paganini.
“The CVE-2021-20038 vulnerability impacts SMA 100 series appliances (including SMA 200, 210, 400, 410, and 500v) even when the web application firewall (WAF) is enabled,” reads the announcement published by CISA.