Security Affairs

JUNE 13, 2023

Fortinet addressed a new critical flaw, tracked as CVE-2023-27997, in FortiOS and FortiProxy that is likely exploited in a limited number of attacks. Fortinet has finally published an official advisory about the critical vulnerability, tracked as CVE-2023-27997 (CVSS score: 9.2), impacting FortiOS and FortiProxy. through 6.2.13

Firewall 98

Firewall VPN Firmware Manufacturing 98

eSecurity Planet

JANUARY 16, 2024

Keep an eye out for security announcements from your firewall vendors; it’s possible additional similar vulnerabilities will come to light. The problem: Juniper Networks released a bulletin about a remote code execution vulnerability in its SRX firewalls and EX switches. The vulnerability can be tracked as CVE-2023-29357.

Firewall 110

Firewall Firmware IoT Authentication 110

Security Affairs

JUNE 20, 2023

Zyxel released security updates to address a critical security flaw, tracked as CVE-2023-27992 (CVSS score: 9.8), affecting its network-attached storage (NAS) devices. The vulnerability is a pre-authentication command injection issue that impacts the Zyxel NAS326 firmware versions prior to V5.21(AAZF.14)C0, in its firewall devices.

Firmware 98

Firmware Firewall Authentication VPN 98

Security Affairs

DECEMBER 3, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds ProjectSend, North Grid Proself, and Zyxel firewalls bugs to its Known Exploited Vulnerabilities catalog. The vulnerability was published on November 26, the patch has been publicly available since May 16, 2023.

Firewall 112

Firewall Authentication Accountability Firmware 112

Security Affairs

JANUARY 14, 2024

Forescout experts questioned the attribution of cyber attacks that targeted the energy sector in Denmark in 2023 to the Russia-linked Sandworm. Forescout experts shared findings from their analysis of the cyber attacks that targeted the energy sector in Denmark in 2023, attributing them to the Russia-linked Sandworm. through 5.35.

Firewall 135

Firewall Firmware Cyber Attacks VPN 135

SecureList

NOVEMBER 14, 2022

We polled our experts from the GReAT team and have gathered a small number of key insights about what APT actors are likely to focus on in 2023. In both cases, we described new UEFI firmware bootkits that managed to propagate malicious components from the deepest layers of the machine up to Windows’ user-land.

Firmware 128

Firmware Surveillance Mobile Telecommunications 128

Security Affairs

NOVEMBER 14, 2023

The attackers exploited zero-day vulnerabilities in Zyxel firewalls used by many critical infrastructure operators in Denmark. On April 25, 2023, Zyxel disclosed a critical vulnerability (CVSS score 9.8), tracked as CVE-2023-28771 , in a number of their firewalls. through 4.73, VPN series firmware versions 4.60

Cyber Attacks 138

Cyber Attacks Firmware Firewall VPN 138

Security Affairs

JANUARY 29, 2025

Named after the Aqua filename, it was first reported in November 2023. In mid-July 2024, Mitel addressed the vulnerability with the release of firmware updates. Akamai researchers spotted a new variant of the Mirai -based botnet Aquabot that is targeting vulnerable Mitel SIP phones. ” reads the report published by Akamai.

DDOS 67

DDOS Firmware Malware Firewall 67

Security Affairs

JUNE 4, 2023

Zyxel has published guidance for protecting firewall and VPN devices from the ongoing attacks recently discovered. Zyxel has published guidance for protecting firewall and VPN devices from ongoing attacks exploiting CVE-2023-28771 , CVE-2023-33009 , and CVE-2023-33010 vulnerabilities. in its firewall devices.

Firmware 98

Firmware VPN Firewall Hacking 98

Security Affairs

SEPTEMBER 6, 2024

. “An improper access control vulnerability has been identified in the SonicWall SonicOS management access and SSLVPN, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash.” However SonicWall recommends youinstall the latest firmware. 5035 and older versions.

Firewall 126

Firewall Passwords Internet Internet 126

SecureList

SEPTEMBER 21, 2023

We conducted an analysis of the IoT threat landscape for 2023, as well as the products and services offered on the dark web related to hacking connected devices. In the first half of 2023, 97.91% of password brute-force attempts registered by our honeypots targeted Telnet, and only 2.09%, SSH.

IoT 137

IoT DDOS Passwords Malware 137

eSecurity Planet

SEPTEMBER 22, 2023

The Barracuda SecureEdge SASE product builds off the well established Barracuda security products (firewalls, gateways, email security, and more) that already protect so many global companies. When compared against other SASE competitors, Barracuda SecureEdge can be considered one of the best options to protect remote users.

Firewall 98

Firewall Marketing Firmware Technology 98

Malwarebytes

MAY 26, 2023

Exploitation of these vulnerabilities could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on the affected Zyxell firewalls. Patch 1, USG FLEX series firmware versions 4.50 Patch 1, USG FLEX 50(W) firmware versions 4.25 Patch 1, USG20(W)-VPN firmware versions 4.25

Firmware 98

Firmware VPN Firewall Accountability 98

Krebs on Security

JUNE 15, 2023

The directive applies to any networking devices — such as firewalls, routers and load balancers — that allow remote authentication or administration. ” In details published on June 12 , Fortinet confirmed that one of the vulnerabilities ( CVE-2023-27997 ) is being actively exploited. . “Patch your #Fortigate.”

Risk 267

Risk VPN Internet Internet 267

SecureList

JULY 19, 2023

On March 14, 2023, Microsoft published a blogpost describing an Outlook Client Elevation of Privilege Vulnerability (CVSS: 9.8 Some samples submitted to VirusTotal in the past were later found to exploit CVE-2023-23397; others were published after the vulnerability was publicly disclosed.

Firmware 98

Firmware Internet Internet Government 98

Security Affairs

JULY 22, 2023

Researchers warn of several DDoS botnets exploiting a critical flaw tracked as CVE-2023-28771 in Zyxel devices. Fortinet FortiGuard Labs researchers warned of multiple DDoS botnets exploiting a vulnerability impacting multiple Zyxel firewalls. through 4.73, VPN series firmware versions 4.60 through 5.35.

DDOS 98

DDOS Firmware VPN Firewall 98

Security Affairs

DECEMBER 17, 2023

CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6 CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6

Data breaches 123

Data breaches Cybercrime Firewall Ransomware 123

Security Affairs

FEBRUARY 28, 2024

In April 2023, FortiGuard Labs researchers observed a hacking campaign targeting Cacti ( CVE-2022-46169 ) and Realtek ( CVE-2021-35394 ) vulnerabilities to spread ShellBot and Moobot malware. The operation reversibly modified the routers’ firewall rules to block remote management access to the devices. ” continues the report.

Energy and Utilities 132

Energy and Utilities Government Firewall Malware 132

Malwarebytes

MAY 3, 2023

On May 1, 2023 the Cybersecurity and Infrastructure Security Agency (CISA) added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog , based on evidence of active exploitation. This means that Federal Civilian Executive Branch (FCEB) agencies are obliged to remediate the vulnerabilities by May 22, 2023.

Firewall 97

Firewall Firmware Risk Cybersecurity 97

eSecurity Planet

SEPTEMBER 9, 2024

The problem: RansomHub, a ransomware-as-a-service group, targeted security vulnerabilities in Apache ActiveMQ ( CVE-2023-46604 ), Atlassian Confluence ( CVE-2023-22515 ), Citrix ADC ( CVE-2023-3519 ), and Fortinet devices ( CVE-2023-27997 ). The vulnerability affects all versions before 7.00, with a CVSS v3 score of 9.8

Firmware 110

Firmware Backups Firewall Risk 110

Security Affairs

MAY 16, 2023

. “Also, an attacker may exploit these issues to access and control networked devices and change router settings in order to manipulate configurations such as DNS settings or firewall rules. affected by CVE-2023-32346, CVE-2023-32347, CVE-2023-32348, CVE-2023-2587, CVE-2023-2588) Remote Management System (RMS): Versions prior to 4.14.0

Hacking 98

Hacking Internet Internet Manufacturing 98

SecureWorld News

NOVEMBER 2, 2023

Citrix Bleed, officially identified as CVE-2023-4966, is a sensitive information disclosure vulnerability affecting NetScaler ADC and NetScaler Gateway appliances. By employing techniques such as differential firmware analysis, Mandiant identified the vulnerable endpoint and developed a proof of concept (PoC) to validate the vulnerability.

Authentication 108

Authentication Data breaches Passwords Firmware 108

SecureList

JUNE 3, 2024

In late December, in a presentation at the 37th Chaos Communication Congress (37C3), experts from our Global Research and Analysis Team (GReAT) described the attack chain in detail , including – for the first time – how the attackers exploited the CVE-2023-38606 hardware vulnerability. You can read the full analysis here.

Banking 118

Banking Malware Computers and Electronics Mobile 118

eSecurity Planet

JANUARY 22, 2024

The problem: The Unified Extensible Firmware Interface (UEFI) specification has an open-source network implementation, EDK II, with nine discovered vulnerabilities. CVE-2023-6548 is a remote code execution vulnerability for an authenticated user, and CVE-2023-6549 is a denial-of-service vulnerability. EPMM versions 11.10, 11.9

Authentication 115

Authentication Malware VPN Mobile 115

eSecurity Planet

MAY 2, 2024

The 2023 vendor surveys arriving this quarter paint a picture of a cybersecurity landscape under attack, with priority issues affecting deployment, alert response, and exposed vulnerabilities. Sophos: Noted that 43% of all 2023 malware signature updates are for stealers, spyware, and keyloggers often used to steal credentials from devices.

Cybersecurity 122

Cybersecurity DDOS Penetration Testing Passwords 122

eSecurity Planet

MARCH 4, 2024

The fix: To eliminate malware infections, perform a factory reset, upgrade to the latest firmware, change all default usernames and passwords, and adjust firewall rules to block exposure to unwanted remote management services. The fix: Patch or isolated vulnerable Windows systems.

IoT 118

IoT Internet Internet Ransomware 118

eSecurity Planet

APRIL 28, 2023

Third-party vendor systems include Operating Systems (OS), firmware (software installed on hardware), and applications. but also applies to firmware that controls equipment such as hard drives, network routers, and security cameras. The most common patch requirements will be for endpoint operating systems (macOS, Windows, etc.)

Penetration Testing 110

Penetration Testing IoT Firmware Software 110

eSecurity Planet

SEPTEMBER 2, 2024

SonicWall dealt with a serious access control vulnerability that affected its firewall systems. This flaw has the potential to bring down the firewall or grant unauthorized access to resources. The fix: Upgrade to SonicWall’s firmware updates for Gen 5 (to version 5.9.2.14-13o), It was publicly published in August 2024.

Risk 58

Risk Firewall Firmware Engineering 58

eSecurity Planet

MARCH 30, 2023

Although best known for their industry-leading firewall technology, Fortinet harnesses their knowledge of network protection to create a powerful network access control (NAC) solution. Founded in 2000 , Sunnyvale, California headquartered Fortinet’s flagship FortiGate provides enterprise-grade firewall solutions. Who is Fortinet?

IoT 98

IoT Firewall Wireless Mobile 98

eSecurity Planet

MAY 12, 2023

For example, a vulnerability in a wi-fi router firewall configuration may expose Windows 95 machines required to run manufacturing equipment. Common mitigations include, but are not limited to: Deploy mitigating security control such as a new security tool (Firewall, etc.) Both direct and indirect risks should be considered.

Penetration Testing 110

Penetration Testing Risk Firmware Software 110

eSecurity Planet

JUNE 30, 2023

Cymulate ran 3,107 assessments across 340 organizations recently to see if security controls were adequate against the Clop (sometimes called “Cl0p” with a zero) ransomware group’s exploitation of a MOVEit software vulnerability ( CVE-2023-34362 ). Patch operating systems, software, and firmware on a regular basis.

Ransomware 105

Ransomware Backups Software Passwords 105

eSecurity Planet

MARCH 9, 2023

Key Features Scans devices for vulnerabilities in operating systems and third-party software, end-of-life software, peer-to-peer software, as well as zero-day vulnerabilities Scans for default credentials, firewall misconfigurations, open shares, and user privilege issues (unused users or groups, elevated privileges, etc.)

Software 129

Software Small Business Engineering Penetration Testing 129

eSecurity Planet

JULY 8, 2024

To protect your network devices from potential risks, apply patches on a regular basis and keep their firmware up to date. The fix: CocoaPods fixed these flaws and reset all user sessions since October 2023. CVE-2023-2071 exploits insufficient input validation to upload and load malicious DLLs, resulting in remote code execution.

Risk 63

Risk Authentication Firmware Surveillance 63

eSecurity Planet

APRIL 28, 2023

Automated patch management can help prevent security breaches by automatically identifying, downloading, testing, and delivering software and firmware updates to devices and applications through the use of specialized software tools. It also provides endpoint protection solutions such as antivirus and firewall to help safeguard networked PCs.

Software 98

Software Firmware Risk Antivirus 98

Digital Shadows

JANUARY 14, 2025

Researchers reported that the median ransom payment rose from $199,000 in 2023 to $1,500,000 in 2024. Restricting firewall management access to trusted sources and, where possible, disabling internet access to the wide area network (WAN) management portal can further strengthen defenses.

Ransomware 126

Ransomware Social Engineering Phishing VPN 126

Pen Test

OCTOBER 12, 2023

What are the common firmware and software vulnerabilities in RF devices that can be exploited? Vulnerabilities in RF technology often encompass various weaknesses and security gaps within the firmware and software used in RF devices. Keeping firmware up to date is essential for security.

Encryption 52

Encryption Firmware Surveillance Technology 52

eSecurity Planet

DECEMBER 7, 2023

This feature can be included in firmware, in operating systems, or as a feature in open-source, shareware, or commercial applications. It was updated by Chad Kime on December 7, 2023. Full Disk Encryption To protect data at rest, an entire hard drive can be encapsulated within an encrypted container.

Encryption 110

Encryption Passwords Authentication Password Management 110