SecureList

MARCH 12, 2024

Profile of participants and applications We collected the data from a sample of the application security assessment projects our team completed in 2021–2023. Broken Authentication 5. Broken Authentication 5. Mitigation: implement authentication and authorization controls according to the role-based access model.

Passwords 140

Passwords Authentication Architecture Risk 140

The Hacker News

NOVEMBER 30, 2023

Zyxel has released patches to address 15 security issues impacting network-attached storage (NAS), firewall, and access point (AP) devices, including three critical flaws that could lead to authentication bypass and command injection.

Firewall 109

Firewall Authentication 109

Security Affairs

APRIL 28, 2023

A vulnerability impacting Zyxel firewalls, tracked as CVE-2023-28771, can be exploited to execute arbitary code on vulnerable devices. Researchers from TRAPA Security have discovered a critical remote code execution vulnerability, tracked as CVE-2023-28771 (CVSS score 9.8), impacting Zyxel Firewall. through 5.35. .

Firewall 98

Firewall Firmware VPN Authentication 98

Security Affairs

JUNE 13, 2023

Fortinet addressed a new critical flaw, tracked as CVE-2023-27997, in FortiOS and FortiProxy that is likely exploited in a limited number of attacks. Fortinet has finally published an official advisory about the critical vulnerability, tracked as CVE-2023-27997 (CVSS score: 9.2), impacting FortiOS and FortiProxy. through 6.2.13

Firewall 98

Firewall VPN Firmware Manufacturing 98

eSecurity Planet

JANUARY 16, 2024

Keep an eye out for security announcements from your firewall vendors; it’s possible additional similar vulnerabilities will come to light. The problem: Juniper Networks released a bulletin about a remote code execution vulnerability in its SRX firewalls and EX switches. The vulnerability can be tracked as CVE-2023-29357.

Firewall 105

Firewall Firmware IoT Authentication 105

Security Affairs

MAY 25, 2023

Zyxel fixed two critical flaws in multiple firewall and VPN products that can lead to remote code execution or cause a DoS condition. Zyxel addressed two critical buffer overflow vulnerabilities, tracked as CVE-2023-33009 and CVE-2023-33010 , that affect several of its firewall and VPN products. Patch 1 ZLD V5.36

Firewall 98

Firewall VPN Authentication Hacking 98

The Hacker News

JUNE 11, 2023

Fortinet has released patches to address a critical security flaw in its FortiGate firewalls that could be abused by a threat actor to achieve remote code execution.

Firewall 100

Firewall VPN Authentication 100

Security Affairs

AUGUST 28, 2023

Researchers published a PoC exploit code for Juniper SRX firewall flaws that can be chained to gain RCE in Juniper’s JunOS. watchTowr Labs security researchers published a proof-of-concept exploit (PoC) exploit code for vulnerabilities in Juniper SRX firewalls. In mid-August, Juniper addressed four medium-severity (CVSS 5.3)

Firewall 98

Firewall Authentication Hacking Information Security 98

Security Affairs

JUNE 12, 2023

Fortinet released security updates to fix a critical security flaw in its FortiGate firewalls that lead to remote code execution. Fortinet has released security patches to address a critical security vulnerability, tracked as CVE-2023-27997, in its FortiGate firewalls. ” reads the advisory.

Firewall 98

Firewall VPN Authentication Media 98

Security Affairs

JUNE 20, 2023

Zyxel released security updates to address a critical security flaw, tracked as CVE-2023-27992 (CVSS score: 9.8), affecting its network-attached storage (NAS) devices. The vulnerability is a pre-authentication command injection issue that impacts the Zyxel NAS326 firmware versions prior to V5.21(AAZF.14)C0, in its firewall devices.

Firmware 98

Firmware Firewall Authentication VPN 98

Security Affairs

NOVEMBER 13, 2023

US CISA added four vulnerabilities (tracked as CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, and CVE-2023-36847) in Juniper devices to its Known Exploited Vulnerabilities catalog. ” states the update published by the company on November 8 th 2023. Customers are urged to immediately upgrade.”

Firewall 141

Firewall Authentication Internet Internet 141

Malwarebytes

OCTOBER 31, 2023

Tech company F5 has warned customers about a critical authentication bypass vulnerability impacting its BIG-IP product line that could result in unauthenticated remote code execution. This CVEs is listed as: CVE-2023-46747 ( CVSS score 9.8 F5 provides services focused on security, reliability, and performance. ENG) 16.1.0 – 16.1.4

Authentication 121

Authentication DDOS Software Firewall 121

eSecurity Planet

DECEMBER 18, 2023

December 11, 2023 Sonar Finds Three Vulnerabilities in Open-Source Firewall pfSense Type of vulnerability: Cross-site scripting and command injection. NIST has cataloged the three vulnerabilities as CVE-2023-42325 , CVE-2023-42327 , and CVE-2023-42326. pfSense CE 2.7.0 and below and pfSense Plus 23.05.1

Backups 110

Backups Firewall Engineering Software 110

The Last Watchdog

MARCH 4, 2024

A recent study found only 27% of charities undertook risk assessments in 2023 and only 11% said they reviewed risks posed by suppliers. Investing in top-notch firewalls is also essential, as they serve as the first line of defense against external threats. Strengthen authentication. Keep software updated. Train staff regularly.

Social Engineering 213

Social Engineering Risk Cybersecurity Authentication 213

Security Affairs

AUGUST 30, 2023

Threat actors started using the exploit chain in attacks on Juniper EX switches and SRX firewalls shortly after the release of the PoC code. This week, watchTowr Labs security researchers published a proof-of-concept exploit (PoC) exploit code for vulnerabilities in Juniper SRX firewalls. reads the advisory published by Juniper.

Firewall 140

Firewall Authentication Hacking Information Security 140

The Last Watchdog

NOVEMBER 12, 2023

I recently discussed the current state of tech standards with DigiCert’s Mike Nelson , Global Vice President of Digital Trust and, Dean Coclin , Senior Director of Trust Services, at DigiCert Trust Summit 2023. Matter works much the way website authentication and website traffic encryption gets executed. identification.”

Manufacturing 276

Manufacturing Authentication Marketing Encryption 276

Security Affairs

JANUARY 14, 2024

Forescout experts questioned the attribution of cyber attacks that targeted the energy sector in Denmark in 2023 to the Russia-linked Sandworm. Forescout experts shared findings from their analysis of the cyber attacks that targeted the energy sector in Denmark in 2023, attributing them to the Russia-linked Sandworm. through 5.35.

Firewall 141

Firewall Firmware Cyber Attacks VPN 141

eSecurity Planet

OCTOBER 11, 2023

Microsoft’s Patch Tuesday for October 2023 covers a total of 103 CVEs, including three zero-day vulnerabilities affecting WordPad, Skype and the HTTP/2 “ Rapid Reset ” DDoS vulnerability. CVE-2023-41763 , an elevation of privilege vulnerability in Skype for Business with a CVSS score of 5.3

DDOS 107

DDOS Engineering Authentication Social Engineering 107

CyberSecurity Insiders

JANUARY 6, 2023

Here are some API security predictions for 2023: Prediction #1: There will be a major API security breach that forces faster regulatory action. In 2023, we expect that these regulators will increase their expectations around financial institutions’ API security. That choice will become increasingly important in 2023.

CISO 118

CISO Financial Services Risk Unstructured Data 118

eSecurity Planet

SEPTEMBER 5, 2023

August 28, 2023 Ransomware Group Exploits Citrix NetScaler Vulnerability In July, Citrix released a patch for a critical remote code execution vulnerability ( CVE-2023-3519 ), which affected the company’s NetScaler ADC and NetScaler Gateway products and carried a severity rating of 9.8 out of 10 on the CVSS vulnerability scale.

VPN 102

VPN Authentication Ransomware Antivirus 102

eSecurity Planet

AUGUST 28, 2023

August 21, 2023 Ivanti finds another vulnerability For the third time in a month, Ivanti’s has reported a vulnerability in a mobile device management platform. The latest — CVE-2023-38035 — affects the Sentry secure mobile gateway, part of Ivanti’s UEM platform and is being exploited as a zero-day.

VPN 93

VPN Authentication Mobile Firewall 93

Security Boulevard

JUNE 9, 2023

On 31-May-2023, Progress Software disclosed a critical vulnerability CVE-2023-34362 in the MOVEit application. Once the malicious webshell is installed, it creates a random 36 characters long password which later is used for the authentication purpose. This ASPX file stages an SQL database account to be used for further access.

Software 103

Software Internet Internet Malware 103

eSecurity Planet

SEPTEMBER 26, 2023

SD-WAN integration with the SASE controller for Meraki, Catalyst, and others Cisco Umbrella SIG unifies firewall, SWG, DNS-layer security, CASB, and threat intelligence functions into a single and well-tested cloud service. Cisco+ Secure Connect Platform Cisco+ Secure Connect strives to provide a turnkey SASE solution for a variety of needs.

Firewall 97

Firewall DNS Architecture Technology 97

Security Affairs

APRIL 28, 2024

“Luckily, I was able to get access to the latest version of SANnav in May 2023 (the latest version was 2.2.2 “Luckily, I was able to get access to the latest version of SANnav in May 2023 (the latest version was 2.2.2 version was sent to Brocade PSIRT in May 2023 and they finally aknowledged the vulnerabilities.

Firewall 132

Firewall Authentication Architecture Backups 132

Security Affairs

JANUARY 19, 2024

China-linked group UNC3886 has been exploiting vCenter Server zero-day vulnerability CVE-2023-34048 since at least late 2021. Mandiant researchers reported that China-linked APT group UNC3886 has been exploiting vCenter Server zero-day vulnerability CVE-2023-34048 since at least late 2021. ” reads the advisory.

Firewall 138

Firewall Accountability Malware Authentication 138

SecureList

SEPTEMBER 21, 2023

We conducted an analysis of the IoT threat landscape for 2023, as well as the products and services offered on the dark web related to hacking connected devices. In the first half of 2023, 97.91% of password brute-force attempts registered by our honeypots targeted Telnet, and only 2.09%, SSH.

IoT 128

IoT DDOS Passwords Malware 128

The Hacker News

JULY 12, 2023

SonicWall on Wednesday urged customers of Global Management System (GMS) firewall management and Analytics network reporting engine software to apply the latest fixes to secure against a set of 15 security flaws that could be exploited by a threat actor to circumvent authentication and access sensitive information.

Network Security 98

Network Security Firewall Engineering Authentication 98

Security Affairs

JULY 13, 2023

SonicWall fixed multiple critical vulnerabilities impacting its GMS firewall management and Analytics management and reporting engine. SonicWall addressed multiple critical vulnerabilities in its Global Management System (GMS) firewall management and Analytics network management and reporting engine. R7 and before ● Analytics 2.5.2

Firewall 98

Firewall Authentication Engineering Passwords 98

Krebs on Security

JUNE 15, 2023

The directive applies to any networking devices — such as firewalls, routers and load balancers — that allow remote authentication or administration. “This is reachable pre-authentication, on every SSL VPN appliance,” French vulnerability researcher Charles Fol tweeted. “Patch your #Fortigate.”

Risk 243

Risk VPN Internet Internet 243

SecureList

JULY 19, 2023

On March 14, 2023, Microsoft published a blogpost describing an Outlook Client Elevation of Privilege Vulnerability (CVSS: 9.8 While the threat actor infrastructure might request Net-NTLMv2 authentication, Windows will honor the defined internet security zones and will not send (leak) Net-NTLMv2 hashes.

Firmware 98

Firmware Internet Internet Government 98

Security Affairs

NOVEMBER 14, 2023

The attackers exploited zero-day vulnerabilities in Zyxel firewalls used by many critical infrastructure operators in Denmark. On April 25, 2023, Zyxel disclosed a critical vulnerability (CVSS score 9.8), tracked as CVE-2023-28771 , in a number of their firewalls. through 4.73, VPN series firmware versions 4.60

Cyber Attacks 142

Cyber Attacks Firmware Firewall VPN 142

eSecurity Planet

SEPTEMBER 26, 2023

Physical appliances provide functionality for routing wide area networks (WANs), stateful firewalls, SD-WANs, NGFW, antivirus, intrusion prevention services (IPS), and unified threat management (UTM) capabilities for local networks.

Firewall 94

Firewall Software Internet Internet 94

Malwarebytes

JANUARY 12, 2024

Take for example the vulnerability that has been added to the CISA catalog: CVE-2023-23752 was reported, and a fix was created in February 2023. Secure accounts with two-factor authentication ( 2FA ). Use a Web Application Firewall (WAF). But here we are, active exploitation is upon us.

Passwords 145

Passwords Firewall Marketing Authentication 145

Security Affairs

JUNE 29, 2023

A critical authentication bypass flaw in miniOrange’s WordPress Social Login and Register plugin, can allow gaining access to any account on a site. The flaw, tracked as CVE-2023-2982 (CVSS Score : 9.8) May 30, 2023 – We initiate contact with the plugin vendor asking that they confirm the inbox for handling the discussion.

Firewall 98

Firewall Authentication Encryption Accountability 98

Security Affairs

JANUARY 13, 2024

Akira ransomware targets Finnish organizations GitLab fixed a critical zero-click account hijacking flaw Juniper Networks fixed a critical RCE bug in its firewalls and switches Vast Voter Data Leaks Cast Shadow Over Indonesia ’s 2024 Presidential Election Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467 Team Liquid’s wiki leak exposes (..)

VPN 138

VPN Cybercrime Ransomware Hacking 138

eSecurity Planet

AUGUST 28, 2023

August 21, 2023 Ivanti finds another vulnerability For the third time in a month, Ivanti’s has reported a vulnerability in a mobile device management platform. The latest — CVE-2023-38035 — affects the Sentry secure mobile gateway, part of Ivanti’s UEM platform and is being exploited as a zero-day.

VPN 76

VPN Authentication Mobile Firewall 76

CyberSecurity Insiders

MAY 6, 2021

Its website security plans offer SSL Certification that arrives with Web Application Firewall(WAF) protection. Also, the firewall offered by the company blocks all kinds of DDoS and Malware attacks that could damage the website- thus the reputation of the company.

Passwords 128

Passwords Firewall DDOS Malware 128