The Hacker News

JULY 3, 2023

No less than 330000 FortiGate firewalls are still unpatched and vulnerable to CVE-2023-27997, a critical security flaw affecting Fortinet devices that have come under active exploitation in the wild. CVE-2023-27997

Firewall 103

Firewall VPN Internet Internet 103

Security Affairs

DECEMBER 3, 2023

Taiwanese vendor Zyxel addressed tens of vulnerabilities in its firewalls and access points. The addressed issues are tracked as CVE-2023-35136 , CVE-2023-35139 , CVE-2023-37925 , CVE-2023-37926 , CVE-2023-4397 , CVE-2023-4398 , CVE-2023-5650 , CVE-2023-5797 , CVE-2023-5960.

Firewall 129

Firewall Authentication VPN Cyber Attacks 129

Security Affairs

JULY 3, 2023

Researchers reported that there are 490,000 Fortinet firewalls exposing SSL VPN interfaces on the internet, and roughly 69% of them are still vulnerable to CVE-2023-27997. For this reason, if the customer has SSL-VPN enabled, Fortinet is advising customers to take immediate action to upgrade to the most recent firmware release.

Firewall 98

Firewall VPN Firmware Internet 98

Security Affairs

SEPTEMBER 8, 2023

CISA warned that nation-state actors are exploiting flaws in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus. Cybersecurity and Infrastructure Security Agency (CISA) warned that nation-state actors are exploiting security vulnerabilities in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus.

VPN 140

VPN Firewall Accountability Cybersecurity 140

Security Affairs

JUNE 13, 2023

Fortinet addressed a new critical flaw, tracked as CVE-2023-27997, in FortiOS and FortiProxy that is likely exploited in a limited number of attacks. Fortinet has finally published an official advisory about the critical vulnerability, tracked as CVE-2023-27997 (CVSS score: 9.2), impacting FortiOS and FortiProxy. through 6.2.13

Firewall 98

Firewall VPN Firmware Manufacturing 98

Security Affairs

APRIL 24, 2024

Nation-state actor UAT4356 has been exploiting two zero-days in ASA and FTD firewalls since November 2023 to breach government networks. Additionally, Line Dancer hooks into the crash dump and AAA processes to evade forensic analysis and establish remote access VPN tunnels.

Firewall 131

Firewall Government VPN Authentication 131

Security Affairs

APRIL 28, 2023

A vulnerability impacting Zyxel firewalls, tracked as CVE-2023-28771, can be exploited to execute arbitary code on vulnerable devices. Researchers from TRAPA Security have discovered a critical remote code execution vulnerability, tracked as CVE-2023-28771 (CVSS score 9.8), impacting Zyxel Firewall. through 5.35.

Firewall 98

Firewall Firmware VPN Authentication 98

Security Affairs

JUNE 1, 2023

Threat actors are actively exploiting a command injection flaw, tracked as CVE-2023-28771, in Zyxel firewalls to install malware. Threat actors are actively attempting to exploit a command injection vulnerability, tracked as CVE-2023-28771 , that impacts Zyxel firewalls. in its firewall devices. VPN ZLD V4.60

Firewall 98

Firewall Firmware VPN DDOS 98

Security Affairs

JUNE 12, 2023

Fortinet released security updates to fix a critical security flaw in its FortiGate firewalls that lead to remote code execution. Fortinet has released security patches to address a critical security vulnerability, tracked as CVE-2023-27997, in its FortiGate firewalls. Patch your #Fortigate. Details at a later time.

Firewall 98

Firewall VPN Authentication Media 98

The Hacker News

JUNE 11, 2023

Fortinet has released patches to address a critical security flaw in its FortiGate firewalls that could be abused by a threat actor to achieve remote code execution.

Firewall 99

Firewall VPN Authentication 99

Krebs on Security

JUNE 15, 2023

The directive applies to any networking devices — such as firewalls, routers and load balancers — that allow remote authentication or administration. The researchers found that just being able to reach the management interface for a vulnerable Fortinet SSL VPN appliance was enough to completely compromise the devices.

Risk 270

Risk VPN Internet Internet 270

eSecurity Planet

JANUARY 16, 2024

Keep an eye out for security announcements from your firewall vendors; it’s possible additional similar vulnerabilities will come to light. The problem: Juniper Networks released a bulletin about a remote code execution vulnerability in its SRX firewalls and EX switches. The vulnerability can be tracked as CVE-2023-29357.

Firewall 111

Firewall Firmware IoT Authentication 111

Security Affairs

JUNE 20, 2023

Zyxel released security updates to address a critical security flaw, tracked as CVE-2023-27992 (CVSS score: 9.8), affecting its network-attached storage (NAS) devices. Threat actors are actively attempting to exploit the command injection vulnerability CVE-2023-28771 impacting Zyxel firewalls. in its firewall devices.

Firmware 98

Firmware Firewall Authentication VPN 98

eSecurity Planet

SEPTEMBER 5, 2023

August 28, 2023 Ransomware Group Exploits Citrix NetScaler Vulnerability In July, Citrix released a patch for a critical remote code execution vulnerability ( CVE-2023-3519 ), which affected the company’s NetScaler ADC and NetScaler Gateway products and carried a severity rating of 9.8 out of 10 on the CVSS vulnerability scale.

VPN 105

VPN Authentication Ransomware Antivirus 105

Security Affairs

JUNE 4, 2023

Zyxel has published guidance for protecting firewall and VPN devices from the ongoing attacks recently discovered. Zyxel has published guidance for protecting firewall and VPN devices from ongoing attacks exploiting CVE-2023-28771 , CVE-2023-33009 , and CVE-2023-33010 vulnerabilities.

Firmware 98

Firmware VPN Firewall Hacking 98

eSecurity Planet

AUGUST 28, 2023

August 21, 2023 Ivanti finds another vulnerability For the third time in a month, Ivanti’s has reported a vulnerability in a mobile device management platform. The latest — CVE-2023-38035 — affects the Sentry secure mobile gateway, part of Ivanti’s UEM platform and is being exploited as a zero-day.

VPN 98

VPN Authentication Mobile Firewall 98

eSecurity Planet

AUGUST 28, 2023

August 21, 2023 Ivanti finds another vulnerability For the third time in a month, Ivanti’s has reported a vulnerability in a mobile device management platform. The latest — CVE-2023-38035 — affects the Sentry secure mobile gateway, part of Ivanti’s UEM platform and is being exploited as a zero-day.

VPN 95

VPN Authentication Mobile Firewall 95

SecureList

SEPTEMBER 21, 2023

We conducted an analysis of the IoT threat landscape for 2023, as well as the products and services offered on the dark web related to hacking connected devices. In the first half of 2023, 97.91% of password brute-force attempts registered by our honeypots targeted Telnet, and only 2.09%, SSH.

IoT 134

IoT DDOS Passwords Malware 134

eSecurity Planet

SEPTEMBER 26, 2023

Founded in Tel Aviv, Israel, Cato Networks started as a firewall-as-a-service (FWaaS) company and focuses on the convergence of security, networks, and the cloud. Who is Cato Networks?

Firewall 98

Firewall VPN Malware Internet 98

Security Affairs

FEBRUARY 15, 2025

CISA adds Apple iOS and iPadOS and Mitel SIP Phones flaws to its Known Exploited Vulnerabilities catalog Attackers exploit recently disclosed Palo Alto Networks PAN-OS firewalls bug U.S. custody in exchange for Marc Fogel North Korea-linked APT Emerald Sleet is using a new tactic U.S.

Spyware 68

Spyware Firewall Artificial Intelligence Malware 68

Security Affairs

JANUARY 14, 2024

Forescout experts questioned the attribution of cyber attacks that targeted the energy sector in Denmark in 2023 to the Russia-linked Sandworm. Forescout experts shared findings from their analysis of the cyber attacks that targeted the energy sector in Denmark in 2023, attributing them to the Russia-linked Sandworm. through 5.35.

Firewall 134

Firewall Firmware Cyber Attacks VPN 134

Security Affairs

JANUARY 13, 2024

Akira ransomware targets Finnish organizations GitLab fixed a critical zero-click account hijacking flaw Juniper Networks fixed a critical RCE bug in its firewalls and switches Vast Voter Data Leaks Cast Shadow Over Indonesia ’s 2024 Presidential Election Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467 Team Liquid’s wiki leak exposes (..)

VPN 130

VPN Cybercrime Ransomware Hacking 130

eSecurity Planet

SEPTEMBER 22, 2023

The Barracuda SecureEdge SASE product builds off the well established Barracuda security products (firewalls, gateways, email security, and more) that already protect so many global companies. When compared against other SASE competitors, Barracuda SecureEdge can be considered one of the best options to protect remote users.

Firewall 98

Firewall Marketing Firmware Technology 98

Security Affairs

JANUARY 21, 2024

Admin of the BreachForums hacking forum sentenced to 20 years supervised release Russia-linked Midnight Blizzard APT hacked Microsoft corporate emails VF Corp December data breach impacts 35 million customers China-linked APT UNC3886 exploits VMware zero-day since 2021 Ransomware attacks break records in 2023: the number of victims rose by 128% U.S.

Artificial Intelligence 128

Artificial Intelligence Hacking VPN Firewall 128

eSecurity Planet

APRIL 15, 2024

Threats range from severe weaknesses in Ivanti’s VPN appliances to zero-day exploits in popular software such as Palo Alto Networks’ PAN-OS and Telegram’s Windows client. You can strengthen your cybersecurity defenses by using reliable antivirus software, firewalls, intrusion detection systems, and virtual private networks (VPNs).

Firewall 111

Firewall VPN Software Risk 111

Security Affairs

NOVEMBER 14, 2023

The attackers exploited zero-day vulnerabilities in Zyxel firewalls used by many critical infrastructure operators in Denmark. On April 25, 2023, Zyxel disclosed a critical vulnerability (CVSS score 9.8), tracked as CVE-2023-28771 , in a number of their firewalls. through 4.73, VPN series firmware versions 4.60

Cyber Attacks 138

Cyber Attacks Firmware Firewall VPN 138

eSecurity Planet

SEPTEMBER 25, 2023

Subscribe The post Cloudflare One SASE Review & Features 2023 appeared first on eSecurity Planet. Email Address By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at any time.

DNS 98

DNS DDOS IoT Firewall 98

Security Affairs

AUGUST 15, 2023

Researchers from the Synack Red Team found multi flaws ( CVE-2023-33871, CVE-2023-38257, CVE-2023-35763 and CVE-2023-35189 ) in the ScrutisWeb ATM fleet monitoring software that can be exploited to remotely hack ATMs. Lagona addressed the vulnerabilities in July 2023 with the release of ScrutisWeb version 2.1.38.

Software 98

Software Hacking VPN Firewall 98

Malwarebytes

MAY 26, 2023

Exploitation of these vulnerabilities could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on the affected Zyxell firewalls. Patch 1, USG20(W)-VPN firmware versions 4.25 Patch 1, VPN series firmware versions 4.30 Patch 1, USG20(W)-VPN firmware versions 4.25

Firmware 96

Firmware VPN Firewall Accountability 96

Security Affairs

JULY 22, 2023

Researchers warn of several DDoS botnets exploiting a critical flaw tracked as CVE-2023-28771 in Zyxel devices. Fortinet FortiGuard Labs researchers warned of multiple DDoS botnets exploiting a vulnerability impacting multiple Zyxel firewalls. through 4.73, VPN series firmware versions 4.60 through 5.35.

DDOS 98

DDOS Firmware VPN Firewall 98

Security Affairs

APRIL 25, 2024

Additionally, Line Dancer hooks into the crash dump and AAA processes to evade forensic analysis and establish remote access VPN tunnels. Cisco Talos researchers tracked this cyber-espionage campaign as ArcaneDoor. Early in 2024, a customer contacted Cisco to report a suspicious related to its Cisco Adaptive Security Appliances (ASA).

VPN 133

VPN Software Firewall Authentication 133

Security Affairs

MARCH 21, 2023

On March 17-18th, 2023, GENERAL BYTES experienced a security incident. “Please keep your CAS behind a firewall and VPN. “Please keep your CAS behind a firewall and VPN. Terminals should also connect to CAS via VPN. ” continues the notice.

Cryptocurrency 98

Cryptocurrency VPN Manufacturing Firewall 98

SecureList

APRIL 22, 2024

Diagram of SSH tunnel creation SoftEther VPN The next tool that the attackers used for tunneling was the server utility (VPN Server) from the SoftEther VPN package. To launch the VPN server, the attackers used the following files: vpnserver_x64.exe IP Country + ASN Net name Net Description Address Email 103.27.202[.]85

VPN 143

VPN Passwords Encryption Malware 143

Security Boulevard

FEBRUARY 2, 2024

Introduction Ivanti, an IT management and security company, has issued a warning about multiple zero-day vulnerabilities in its VPN products exploited by Chinese state-backed hackers since December 2023. to gain access to ICS VPN appliances. to gain access to ICS VPN appliances.

VPN 64

VPN Risk Architecture Firewall 64

Cisco Security

AUGUST 28, 2023

XDR (eXtended Detection and Response) Integrations At Black Hat USA 2023, Cisco Secure was the official Mobile Device Management, DNS (Domain Name Service) and Malware Analysis Provider. We appreciate alphaMountain.ai , Pulsedive and Recorded Future donating full licenses to the Black Hat USA 2023 NOC. Hunter summer camp is back.

Wireless 97

Wireless DNS Mobile Technology 97

Security Affairs

FEBRUARY 8, 2024

In December 2023, Microsoft first noticed that to conceal malicious traffic, the threat actor routes it through compromised small office and home office (SOHO) network devices, including routers, firewalls, and VPN hardware.

Energy and Utilities 134

Energy and Utilities VPN Manufacturing Firewall 134

eSecurity Planet

FEBRUARY 12, 2024

The RCE vulnerability is tracked as CVE-2023-40547 and has a severity rating of 8.3. They could also locally exploit CVE-2023-40547 if they had sufficient privileges or could manipulate PXE to chain-load a vulnerable shim bootloader, according to researchers at Eclypsium. The fix: Fortinet told users to disable SSL VPN.

VPN 111

VPN Authentication Software Firewall 111