Remove 2020 Remove Information Security Remove VPN
article thumbnail

Almost 800,000 SonicWall VPN appliances online are vulnerable to CVE-2020-5135

Security Affairs

The Tripwire VERT security team spotted almost 800,000 SonicWall VPN appliances exposed online that are vulnerable to the CVE-2020-5135 RCE flaw. Security experts from the Tripwire VERT security team have discovered 795,357 SonicWall VPN appliances that were exposed online that are vulnerable to the CVE-2020-5135 RCE flaw.

VPN 144
article thumbnail

Expert found a secret backdoor in Zyxel firewall and VPN

Security Affairs

Zyxel addressed a critical flaw in its firmware, tracked as CVE-2020-29583 , related to the presence of a hardcoded undocumented secret account. The vulnerability, tracked as CVE-2020-29583 received a CVSS score of 7.8, ” The CVE-2020-29583 flaw affects the firmware version 4.60 that is used by multiple Zyxel devices.

Firewall 145
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

APT groups chain VPN and Windows Zerologon bugs to attack US government networks

Security Affairs

US government networks are under attack, threat actors chained VPN and Windows Zerologon flaws to gain unauthorized access to elections support systems. The CVE-2020-1472 flaw is an elevation of privilege that resides in the Netlogon. ” reads the report. ” continues the alert. ” concludes the alert.

VPN 145
article thumbnail

CISA: Cisco ASA/FTD bug CVE-2020-3259 exploited in ransomware attacks

Security Affairs

CISA warns that the Akira Ransomware gang is exploiting the Cisco ASA/FTD vulnerability CVE-2020-3259 (CVSS score: 7.5) Cybersecurity and Infrastructure Security Agency (CISA) added a Cisco ASA and FTD bug, tracked as CVE-2020-3259 (CVSS score: 7.5), to its Known Exploited Vulnerabilities catalog. in attacks in the wild.

article thumbnail

APT hacked a US municipal government via an unpatched Fortinet VPN

Security Affairs

The FBI revealed that foreign hackers compromised the network of a local US municipal government by exploiting flaws in an unpatched Fortinet VPN. The Federal Bureau of Investigation (FBI) reported that an APT group had breached the network of a local US municipal government by exploiting vulnerabilities in an unpatched Fortinet VPN.

VPN 140
article thumbnail

China-linked APT used Pulse Secure VPN zero-day to hack US defense contractors

Security Affairs

At least one China-linked APT group exploited a new zero-day flaw in Pulse Secure VPN equipment to break into the networks of US defense contractors. In all the intrusions, the attackers targeted Pulse Secure VPN appliances in the breached networks. “A vulnerability was discovered under Pulse Connect Secure (PCS).

VPN 135
article thumbnail

SonicWall finally fixed a flaw resulting from a partially patched 2020 zero-day

Security Affairs

A critical vulnerability, tracked as CVE-2021-20019 , in SonicWall VPN appliances was only partially patched last year and could allow a remote attacker to steal sensitive data. The flaw resides in the HTTP/HTTPS service used for product management as well as SSL VPN remote access. “An reads the analysis published by Tripwire.

VPN 134