2018, Firewall and Internet - Cyber Security Informer

MyBook Users Urged to Unplug Devices from Internet

Krebs on Security

JUNE 25, 2021

Hard drive giant Western Digital is urging users of its MyBook Live brand of network storage drives to disconnect them from the Internet, warning that malicious hackers are remotely wiping the drives using a critical flaw that can be triggered by anyone who knows the Internet address of an affected device.

Internet

Internet Internet Backups Small Business

Threat Spotlight: Credential Theft vs. Admin Control—Two Devastating Paths to VPN Exploitation

Digital Shadows

MARCH 17, 2025

Key Findings Even years after their disclosure, VPN-related vulnerabilities like CVE-2018-13379 and CVE-2022-40684 remain essential tools for attackers, driving large-scale campaigns of credential theft and administrative control. CVE-2018-13379: The Eternal Exploit What is CVE-2018-13379?

VPN

VPN Authentication Ransomware Risk

M?ris Bot infects MikroTik routers compromised in 2018

Security Affairs

SEPTEMBER 14, 2021

Last week, the Russian Internet giant Yandex has been targeting by the largest DDoS attack in the history of Runet, the Russian Internet designed to be independent of the world wide web and ensure the resilience of the country to an internet shutdown. If somebody got your password in 2018, just an upgrade will not help.

DDOS

DDOS Firewall Passwords Internet

NEW TECH: Alcide introduces a “microservices firewall” as a dynamic ‘IaaS’ market takes shape

The Last Watchdog

APRIL 23, 2019

I recently sat down with Gadi Naor, CTO and co-founder of Alcide , to learn more about the “microservices firewall” this Tel Aviv-based security start-up is pioneering. billion in 2018. Alcide’s microservices firewall seeks to be one piece of a much larger puzzle that needs to take shape. billion in 2021 , up from $40.8

Marketing

Marketing Firewall Architecture Software

SHARED INTEL: Report details how cyber criminals leverage HTTPS TLS to hide malware

The Last Watchdog

APRIL 21, 2021

At the time, in the spring of 2018, only 25 percent of commercial websites used HTTPS; today adoption is at 98 percent and rising. This surge in TLS abuse has shifted the security community’s focus back to a venerable network security tool, the firewall. Related: Malicious activity plagues the cloud services.

Malware

Malware Firewall Encryption Digital transformation

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

Security Affairs

JULY 3, 2023

Researchers reported that there are 490,000 Fortinet firewalls exposing SSL VPN interfaces on the internet, and roughly 69% of them are still vulnerable to CVE-2023-27997. “If only 153,414 devices on the internet are patched, that leaves 335,923 / 489,337 = 69% unpatched.”

Firewall

Firewall VPN Firmware Internet

WordCamp Europe 2018: The Past is Also the Future of WordPress

SiteLock

AUGUST 27, 2021

It was a great look back at the beginnings of the WordPress and a look into the future of the open source software that powers over 30% of the internet. Each event is unique, and WordCamp Europe 2018 was no different. Jenny Beaumont (@jennybeaumont) June 15, 2018. John Maeda (@johnmaeda) June 16, 2018. In Summary.

Software

Software Internet Internet Marketing

WordCamp Montreal 2018: 10 Years of WordPress

SiteLock

AUGUST 27, 2021

SiteLock (@SiteLock) August 12, 2018. Guillaume Hamel (@guihamel) August 12, 2018. Longtime WordCamp speaker and president of the Canadian Internet Marketing Association Brian Rotsztein dropped a whole lot of new insights into the current state of SEO this weekend. wcmtl pic.twitter.com/NooWoTcKlg.

Firewall

Firewall Malware Marketing Internet

NEW TECH: Will ‘Secure Access Service Edge’ — SASE — Be the Answer to Secure Connectivity?

The Last Watchdog

DECEMBER 8, 2020

Locking down web gateways and erecting a robust firewall were considered the be-all and end-all. Related: The shared burden of securing the Internet of Things. Company networks must support endless permutations of users and apps, both on-premises and in the Internet cloud. Fast forward to the 21 st Century’s third decade.

Firewall

Firewall Digital transformation Internet Internet

A daily average of 80,000 printers exposed online via IPP

Security Affairs

JUNE 23, 2020

The Shadowserver Foundation is a nonprofit security organization working altruistically behind the scenes to make the Internet more secure for everyone. The researchers scanned the Internet for printers that are exposing their Internet Printing Protocol (IPP) port online. and printers (or print servers).

Internet

Internet Internet Firmware Advertising

Cyclops Blink malware: US and UK authorities issue alert

Malwarebytes

FEBRUARY 24, 2022

According to WatchGuard , Cyclops Blink may have affected approximately 1% of active firewall appliances, which are devices mainly used by business customers. Cyclops Blink has been found in WatchGuard’s firewall devices since at least June 2019. Internet access to the management interface of any device is a security risk.

Malware

Malware Firewall Firmware DDOS

Encryption is on the Rise!

Cisco Security

JANUARY 18, 2023

When the Internet Engineering Task Force (IETF) announced the TLS 1.3 standard in RFC 8446 in August 2018, plenty of tools and utilities were already supporting it (even as early as the year prior, some web browsers had implemented it as their default standard, only having to roll it back due to compatibility issues.

Encryption

Encryption Engineering Technology Firewall

Is Your Small Business Safe Against Cyber Attacks?

CyberSecurity Insiders

MARCH 21, 2021

Back in 2018, almost two-thirds of the small businesses suffered from cyber security attacks. . Therefore, make sure to set up the latest network routers and firewall protocols across all IT equipment to strengthen your security and create a defense against hackers and security breaches. Firewalls . Two-factor authentication .

Small Business

Small Business Cyber Attacks VPN Backups

DanaBot banking Trojan evolves and now targets European countries

Security Affairs

SEPTEMBER 22, 2018

Security experts at ESET have recently observed a surge in activity of DanaBot banking Trojan that is now targeting Poland, Italy, Germany, Austria, and as of September 2018, Ukraine. Sniffer plug-in – injects malicious scripts into a victim’s browser, usually while visiting internet banking sites.

Banking

Banking Advertising VPN Architecture

Sounding the Alarm on Emergency Alert System Flaws

Krebs on Security

AUGUST 12, 2022

.” But Pyle said a great many EAS stakeholders are still ignoring basic advice from the manufacturer, such as changing default passwords and placing the devices behind a firewall, not directly exposing them to the Internet, and restricting access only to trusted hosts and networks.

Firmware

Firmware Manufacturing Passwords Software

Black Hat USA 2021 Network Operations Center

Cisco Security

AUGUST 12, 2021

This requires a robust connection to the Internet (Lumen and Gigamon), firewall protection (Palo Alto Networks), segmented wireless network (Commscope Ruckus) and network full packet capture & forensics and SIEM (RSA NetWitness); with Cisco providing cloud-based security and intelligence support. Recorded Future. urlscan.io.

DNS

DNS Firewall Malware Mobile

Sophos XGS vs Fortinet FortiGate: Top NGFWs Compared

eSecurity Planet

MARCH 23, 2023

Sophos and Fortinet both appear on our list of the top next-generation firewalls (NGFWs) , and while both offer very good security at their price points, they serve very different markets. If you’re just looking for a firewall with good security, Sophos will do. Fortinet offers virtual firewalls too for hybrid cloud use cases.

Firewall

Firewall VPN Small Business Marketing

5 IoT Security Predictions for 2019

Security Affairs

DECEMBER 21, 2018

2018 was the year of the Internet of Things (IoT), massive attacks and various botnets hit smart devices, These are 5 IoT Security Predictions for 2019. IoT Attacks in 2018. Yet, the major attack of 2018 was definitely VPNFilter, hitting over half a million devices, mostly routers, from a wide range of known vendors.

IoT

IoT Manufacturing Internet Internet

NEW TECH: Cequence Security launches platform to shield apps, APIs from malicious botnets

The Last Watchdog

NOVEMBER 13, 2018

The nonstop intensity of these attacks is vividly illustrated by the fact that malicious bot communications now account for one-third of total Internet traffic. Established web application firewall (WAF) suppliers like Imperva, F5 and Akamai are hustling to strengthen their respective platforms.

Digital transformation

Digital transformation Mobile B2C Internet

MY TAKE: A primer on how ransomware arose to the become an enduring scourge

The Last Watchdog

AUGUST 15, 2019

Related: ‘Cyber Pearl Harbor’ happens every day Some 15 months earlier, in March 2018, Atlanta was hit by a similar assault, and likewise refused to pay a $51,000 ransom, eating $17 million in damage. It’s imperative to keep legacy anti-malware , firewall and intrusion prevention systems updated.

Ransomware

Ransomware Internet Internet Hacking

MY TAKE: The back story on the convergence, continuing evolution of endpoint security

The Last Watchdog

AUGUST 17, 2018

It was a reflection of attackers moving to take full advantage of the fresh attack vectors cropping up as companies retooled their legacy networks – comprised of ‘on-premises’ servers and clients – to operate in the expanding world of cloud services, mobile devices and the Internet of Things. Here are a few big takeaways: Smarter spending.

Antivirus

Antivirus Digital transformation Social Engineering Technology

FBI warns cyber actors abusing protocols as new DDoS attack vectors

Security Affairs

JULY 27, 2020

In December 2018, security experts from Trend Micro discovered that some machine-to-machine (M2M) protocols can be abused to attack IoT and industrial Internet of Things (IIoT) systems. Configure network firewalls to block unauthorized IP addresses and disable port forwarding.

DDOS

DDOS IoT Internet Internet

The SiteLock Website Security Insider Q2 2018

SiteLock

AUGUST 27, 2021

Even more startling, as much as 61 percent of all internet traffic is automated traffic from bots, meaning these attacks do not discriminate based on the size or popularity of a website. The SiteLock Website Security Insider Q2 2018 goes over these and other tips for protecting your website from attackers. SiteLock 24/7/365 U.S.-based

Malware

Malware Engineering Firewall Internet

WECON PI Studio HMI software affected by code execution flaws

Security Affairs

OCTOBER 8, 2018

The list of flaws discovered by the experts includes a critical stack-based buffer overflow vulnerability, tracked as CVE-2018-14818 , that could lead to remote code execution. Specifically, users should: Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.

Software

Software Manufacturing Advertising VPN

Iran-linked DEV-0270 group abuses BitLocker to encrypt victims’ devices

Security Affairs

SEPTEMBER 9, 2022

. “In many of the observed DEV-0270 instances, the actor gained access by exploiting known vulnerabilities in Exchange or Fortinet ( CVE-2018-13379 ). The group is typically opportunistic in its targeting, it scans the internet to find vulnerable servers and devices. ” reads the analysis published by Microsoft.

Encryption

Encryption Internet Internet Firewall

Q&A: Why SOAR startup Syncurity is bringing a ‘case-management’ approach to threat detection

The Last Watchdog

MARCH 1, 2019

Enterprises have dumped small fortunes into stocking their SOCs (security operations centers) with the best firewalls, anti-malware suites, intrusion detection, data loss prevention and sandbox detonators money can buy. Related: Why we’re in the Golden Age of cyber espionage. But this hasn’t done the trick.

Threat Detection

Threat Detection Digital transformation Marketing Firewall

BEST PRACTICES: Mock phishing attacks prep employees to avoid being socially engineered

The Last Watchdog

MAY 1, 2019

Despite billions of dollars spent on the latest, greatest antivirus suites, firewalls and intrusion detection systems, enterprises continue to suffer breaches that can be traced back to the actions of a single, unsuspecting employee. Social engineering, especially phishing, continues to trigger the vast majority of breach attempts.

Social Engineering

Social Engineering Engineering Phishing Banking

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Security Affairs

AUGUST 27, 2020

To perform the experiment, we used Internet of Things (IoT) search engines to search for open devices that utilized common printer ports and protocols. After filtering out most of the false positives, we were left with more than 800,000 printers that had network printing features enabled and were accessible over the internet.

Hacking

Hacking IoT Firmware Internet

Successful operations against Russian Sandworm and Strontium groups targeting Ukraine revealed

Malwarebytes

APRIL 8, 2022

On Wednesday, the DOJ announced that it had disrupted GRU’s control over thousands of internet-connected firewall devices compromised by the Russian Sandworm group. Cyclops Blink surfaced as a replacement for VPNFilter malware, which the DOJ disrupted with an operation in 2018.

Malware

Malware Internet Internet Government

How to Stop a DDoS Attack on Your Website

SiteLock

AUGUST 27, 2021

Major attacks saw a 967% increase between the first quarter of 2018 and the first quarter of 2019. According to a 2018 study from Coreo , DDoS attack victims stand to lose up to $50,000 in forfeited business revenue per attack. Your first line of defense should be a web application firewall. Why Is a DDoS Attack Destructive?

DDOS

DDOS Firewall Small Business Internet

RSAC insights: ‘SASE’ disrupts networking by meshing security, connectivity at the services edge

The Last Watchdog

MAY 14, 2021

Early SD-WAN solutions “were built only to replace an MPLS-VPN with an Internet-based VPN,” Ahuja says. The firewall emerged as the cornerstone around which companies were encouraged to pursue a so-called defense-in-depth strategy. Intrusion detection, intrusion prevention and sandboxing technologies got bolted onto the firewall.

Firewall

Firewall Mobile VPN Digital transformation

MY TAKE: Memory hacking arises as a go-to tactic to carry out deep, persistent incursions

The Last Watchdog

MARCH 4, 2019

That’s Gartner’s estimate of global spending on cybersecurity in 2017 and 2018. GLIBC keeps common code in one place, thus making it easier for multiple programs to connect to the company network and to the Internet. The first worm of note that accomplished this was Stuxnet. And a recent BlueCoat sandbox study demonstrated how 95.4%

Hacking

Hacking Energy and Utilities System Administration Accountability

EnemyBot malware adds new exploits to target CMS servers and Android devices

Security Affairs

MAY 30, 2022

The first version of the bot exploits tens of known vulnerabilities including: CVE-2020-17456 vulnerability affecting SEOWON INTECH SLC-130 and SLR-120S routers; CVE-2018-10823 flaw an older D-Link routers (DWR-116 through 1.06, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02, DWR-921 through 2.02, DWR-111 through 1.01).

Malware

Malware DDOS IoT Cybercrime

Cybersecurity Year in Review and Our Predictions Moving Forward

SiteLock

AUGUST 27, 2021

The Biggest Cybersecurity Trends of 2018. Throughout 2018, per-day website attack attempts increased by just about 60%, peaking at 80 attacks and averaging at 62 attacks. In fact, only around 15% of malware-infected sites were blacklisted in 2018. This is one of many lessons from 2018 that will apply throughout 2019.

Cybersecurity

Cybersecurity Engineering Firewall Malware

Microsoft’s case study: Emotet took down an entire network in just 8 days

Security Affairs

APRIL 4, 2020

Microsoft declared that an Emotet attack took down an organization’s network by overheating all the computers and bringing its Internet access down. “He’d been told the organization had an extensive system to prevent cyberattacks, but this new virus evaded all their firewalls and antivirus software. .

Antivirus

Antivirus Malware Phishing Advertising

Russia-linked Cyclops Blink botnet targeting ASUS routers

Security Affairs

MARCH 18, 2022

According to WatchGuard , Cyclops Blink may have affected roughly 1% of all active WatchGuard firewall appliances. Cyclops Blink is believed to be a replacement for the VPNFilter botnet, which was first exposed in 2018 and at the time was composed of more than 500,000 compromised routers and network-attached storage (NAS) devices.

IoT

IoT Firewall Malware Internet

NEW TECH: Data Theorem helps inventory sprawling APIs — as the first step to securing them

The Last Watchdog

MARCH 25, 2019

Without APIs there would be no cloud computing, no social media, no Internet of Things. In late 2018, the USPS Informed Delivery service was hit with a massive data breach, exposing 60 million records. Because companies can’t protect APIs with traditional means, like firewalls, they must find other ways to secure them.

Digital transformation

Digital transformation Software Data breaches Authentication

Q&A: How emulating attacks in a live environment can more pervasively protect complex networks

The Last Watchdog

SEPTEMBER 4, 2018

And at Black Hat USA 2018 , the company unveiled a new CyberFlood functionality that makes it possible for an enterprise to emulate a real-world attack in a live environment. For instance, they might want to test new signatures published by their firewall vendor, before pushing it out, to make sure there are no regression issues.

Penetration Testing

Penetration Testing Firewall Data breaches Malware

New MATA Multi-platform malware framework linked to NK Lazarus APT

Security Affairs

JULY 23, 2020

According to the experts from Kaspersky that first analyzed the framework, the MATA campaign has been active at least since April of 2018. The hackers targeted unnamed companies in software development, e-commerce, and an internet service provider around the world, including Poland, Germany, Turkey, Korea, Japan, and India.

Malware

Malware Ransomware Advertising Encryption

Weak Cybersecurity? Here’s Something You Can Do About It

Adam Levin

NOVEMBER 15, 2019

A 2018 study regarding VPN use worldwide is worth considering. Usage increased 185% from 2016 to 2017 and 165% from 2017 to 2018. If, for example, a user resides in a country with major Internet restrictions (think: the Great Firewall of China ), he or she may connect to a VPN outside of that country and bypass local laws.

VPN

VPN Cybersecurity Firewall Data breaches

Top Cloud Data Breaches in 2018 Lessons Learned

Spinone

MARCH 18, 2019

As we look at the past year of 2018, it is all too easy to see that data breach or leak of sensitive information is not a problem that is going away anytime soon. Let’s take a look at the top Cloud Data Breaches in 2018 and see how they were carried out, what data was leaked, and the weakness that was exposed by the breach.

Data breaches

Data breaches Computers and Electronics Accountability Technology

NEW TECH: LogicHub introduces ‘virtualized’ security analysts to help elevate SOAR

The Last Watchdog

SEPTEMBER 11, 2019

Here are my takeaways: Skills deficit Over the past 20 years, enterprises have shelled out small fortunes in order to stock their SOCs with the best firewalls, anti-malware suites, intrusion detection, data loss prevention and sandbox detonators money can buy. For a full drill down on our discussion give a listen to the accompanying podcast.

Big data

Big data Firewall Digital transformation Software

Key Reuse opens to attacks on IPsec IKE, Cisco, Huawei, ZyXEL products are affected

Security Affairs

AUGUST 14, 2018

” The experts focused their analysis on the impact of key reuse on Internet Protocol Security (IPsec). The cryptographic key for IPsec leverages the Internet Key Exchange (IKE) protocol, which has two versions, IKEv1 and IKEv2. According to the Huawei’s advisory , its firewall products are affected by the flaw.

Encryption

Encryption Authentication Internet Internet

NEW TECH: ‘Network Traffic Analysis’ gets to ground truth about data moving inside the perimeter

The Last Watchdog

APRIL 11, 2019

Modular microservices, software containers and orchestration tools get spun up, using open source components; all of this mixing and matching occurs in the internet cloud, keeping things moving right along. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be. (LW

Digital transformation

Digital transformation Adware Technology Internet

MyBook Users Urged to Unplug Devices from Internet

Threat Spotlight: Credential Theft vs. Admin Control—Two Devastating Paths to VPN Exploitation

Trending Sources

M?ris Bot infects MikroTik routers compromised in 2018

NEW TECH: Alcide introduces a “microservices firewall” as a dynamic ‘IaaS’ market takes shape

SHARED INTEL: Report details how cyber criminals leverage HTTPS TLS to hide malware

335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997

WordCamp Europe 2018: The Past is Also the Future of WordPress

WordCamp Montreal 2018: 10 Years of WordPress

NEW TECH: Will ‘Secure Access Service Edge’ — SASE — Be the Answer to Secure Connectivity?

A daily average of 80,000 printers exposed online via IPP

Cyclops Blink malware: US and UK authorities issue alert

Encryption is on the Rise!

Is Your Small Business Safe Against Cyber Attacks?

DanaBot banking Trojan evolves and now targets European countries

Sounding the Alarm on Emergency Alert System Flaws

Black Hat USA 2021 Network Operations Center

Sophos XGS vs Fortinet FortiGate: Top NGFWs Compared

5 IoT Security Predictions for 2019

NEW TECH: Cequence Security launches platform to shield apps, APIs from malicious botnets

MY TAKE: A primer on how ransomware arose to the become an enduring scourge

MY TAKE: The back story on the convergence, continuing evolution of endpoint security

FBI warns cyber actors abusing protocols as new DDoS attack vectors

The SiteLock Website Security Insider Q2 2018

WECON PI Studio HMI software affected by code execution flaws

Iran-linked DEV-0270 group abuses BitLocker to encrypt victims’ devices

Q&A: Why SOAR startup Syncurity is bringing a ‘case-management’ approach to threat detection

BEST PRACTICES: Mock phishing attacks prep employees to avoid being socially engineered

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Successful operations against Russian Sandworm and Strontium groups targeting Ukraine revealed

How to Stop a DDoS Attack on Your Website

RSAC insights: ‘SASE’ disrupts networking by meshing security, connectivity at the services edge

MY TAKE: Memory hacking arises as a go-to tactic to carry out deep, persistent incursions

EnemyBot malware adds new exploits to target CMS servers and Android devices

Cybersecurity Year in Review and Our Predictions Moving Forward

Microsoft’s case study: Emotet took down an entire network in just 8 days

Russia-linked Cyclops Blink botnet targeting ASUS routers

NEW TECH: Data Theorem helps inventory sprawling APIs — as the first step to securing them

Q&A: How emulating attacks in a live environment can more pervasively protect complex networks

New MATA Multi-platform malware framework linked to NK Lazarus APT

Weak Cybersecurity? Here’s Something You Can Do About It

Top Cloud Data Breaches in 2018 Lessons Learned

NEW TECH: LogicHub introduces ‘virtualized’ security analysts to help elevate SOAR

Key Reuse opens to attacks on IPsec IKE, Cisco, Huawei, ZyXEL products are affected

NEW TECH: ‘Network Traffic Analysis’ gets to ground truth about data moving inside the perimeter

Stay Connected