Security Affairs

MARCH 14, 2025

Operators behind the SuperBlack ransomware exploited two vulnerabilities in Fortinet firewalls for recent attacks. The threat actor exploited CVE-2024-55591 and CVE-2025-24472 in FortiOS and FortiProxy to gain super-admin access on vulnerable Fortinet appliances. ” reads the report published by Forescout. 13.73.13.73, 8.8.8.8,

Firewall 66

Firewall Ransomware VPN Encryption 66

Security Affairs

NOVEMBER 7, 2024

Google as usual did not share details about the attacks exploiting the above vulnerability, however, it added that another issue, tracked as CVE-2024-43047, is actively exploited in the wild. CVE-2024-43093 CVE-2024-43047″ reads the security bulletin published by Google. Versions up to 2.3.6 and unpatched 2.3.7

Firewall 125

Firewall Authentication Accountability Risk 125

Penetration Testing

AUGUST 22, 2024

SonicWall, a prominent network security provider, has released a security advisory warning users of a critical vulnerability (CVE-2024-40766) affecting their SonicOS operating system.

Firewall 137

Firewall Network Security Cybersecurity 137

Security Affairs

DECEMBER 27, 2024

Palo Alto Networks addressed a high-severity flaw, tracked as CVE-2024-3393 (CVSS score: 8.7), in PAN-OS software that could cause a denial-of-service (DoS) condition. An unauthenticated attacker can exploit this vulnerability to reboot the firewall by sending a malicious packet through its data plane. ” reads the advisory.

DNS 112

DNS Firewall Spyware Software 112

Security Affairs

JANUARY 8, 2025

SonicWall warns customers to address an authentication bypass vulnerability in its firewall’s SonicOS that is “susceptible to actual exploitation.” All customers are encouraged to upgrade their firewalls to the latest MR listed below.” hardware firewalls: SonicOS 6.5.5.1-6n NSv firewalls: SonicOS 6.5.4.v-21s-RC2457

Firewall 114

Firewall Firmware VPN Authentication 114

Security Affairs

NOVEMBER 16, 2024

Palo Alto Networks confirmed active exploitation of a zero-day in its PAN-OS firewall and released new indicators of compromise (IoCs). Last week, Palo Alto Networks warned customers to limit access to their next-gen firewall management interface due to a potential remote code execution vulnerability (CVSSv4.0 Base Score: 9.3)

Firewall 126

Firewall Internet Internet VPN 126

Security Affairs

NOVEMBER 8, 2024

Palo Alto Networks warns customers to restrict access to their next-generation firewalls because of a potential RCE flaw in the PAN-OS management interface. Palo Alto Networks warns customers to limit access to their next-gen firewall management interface due to a potential remote code execution vulnerability in PAN-OS.

Firewall 116

Firewall Authentication Internet Internet 116

Security Affairs

FEBRUARY 19, 2025

Palo Alto Networks warns that the vulnerability CVE-2025-0111 is actively exploited with two other flaws to compromise PAN-OS firewalls. Palo Alto Networks warns that threat actors are chaining the vulnerability CVE-2025-0111 with two other vulnerabilities, tracked as CVE-2025-0108 with CVE-2024-9474 , to compromise PAN-OS firewalls.

Firewall 105

Firewall Authentication Architecture Internet 105

Security Affairs

APRIL 11, 2024

Palo Alto Networks fixed several vulnerabilities in its PAN-OS operating system, including 3 issues that can trigger a DoS condition on its firewalls. Repeated attacks can eventually trigger a DoS condition by forcing the firewall into maintenance mode, requiring manual intervention to restore online functionality.

Firewall 137

Firewall Software Engineering Authentication 137

Penetration Testing

APRIL 12, 2024

Palo Alto Networks has disclosed a severe zero-day vulnerability (CVE-2024-3400) affecting its market-leading firewall software, PAN-OS. This vulnerability carries a CVSS score of 10.0, indicating its critical severity.

Firewall 111

Firewall Penetration Testing Software Marketing 111

Security Affairs

OCTOBER 25, 2024

The vulnerability CVE-2024-20481 (CVSS score of 5.8) Cisco warned customers of password-spraying attacks that have been targeting Remote Access VPN (RAVPN) services configured on Cisco Secure Firewall devices. Now the company confirmed that the flaw CVE-2024-20481 is actively exploited in the wild. released in May 2024.

VPN 112

VPN Firewall Technology Passwords 112

The Last Watchdog

OCTOBER 23, 2024

22, 2024, CyberNewswire — INE Security offers essential advice to protect digital assets and enhance security. According to the Verizon 2024 Data Breach Investigations Report , 68% of cybersecurity breaches are caused by human error. Cary, NC, Oct. INE Security emphasizes the importance of regular training forall employees.

Small Business 162

Small Business Data breaches Backups Passwords 162

The Hacker News

AUGUST 26, 2024

SonicWall has released security updates to address a critical flaw impacting its firewalls that, if successfully exploited, could grant malicious actors unauthorized access to the devices. The vulnerability, tracked as CVE-2024-40766 (CVSS score: 9.3), has been described as an improper access control bug. "An

Firewall 134

Firewall 134

Security Affairs

OCTOBER 9, 2024

Palo Alto fixed critical flaws in PAN-OS firewalls, warning that attackers could chain these vulnerabilities to hijack the devices. Palo Alto Networks addressed multiple vulnerabilities that an attacker can chain to hijack PAN-OS firewalls. ” reads the advisory. ” reads the advisory.

Firewall 127

Firewall Passwords Authentication Phishing 127

Penetration Testing

APRIL 28, 2024

Palo Alto Networks’ popular firewall appliances are currently in the crosshairs of cybercriminals.

Firewall 111

Firewall Penetration Testing Malware 111

Security Affairs

AUGUST 26, 2024

SonicWall addressed a critical flaw in its firewalls that could allow attackers to achieve unauthorized access to the devices. SonicWall has released security updates to address a critical vulnerability, tracked as CVE-2024-40766 (CVSS score: 9.3), in its firewalls. 13o Gen 6 Firewalls – 6.5.2.8-2n

Firewall 125

Firewall Firmware Malware Internet 125

Security Affairs

FEBRUARY 27, 2024

Taiwanese vendor Zyxel warns of security vulnerabilities in its firewalls and access points, including a remote code execution flaw. Taiwanese networking vendor Zyxel addressed four vulnerabilities, respectively tracked as CVE-2023-6397 , CVE-2023-6398 , CVE-2023-6399 , and CVE-2023-6764 , in its firewalls and access points.

Firewall 136

Firewall VPN Authentication Hacking 136

Bleeping Computer

APRIL 13, 2024

Suspected state-sponsored hackers have been exploiting a zero-day vulnerability in Palo Alto Networks firewalls tracked as CVE-2024-3400 since March 26, using the compromised devices to breach internal networks, steal data and credentials. [.]

Firewall 122

Firewall 122

Cisco Security

OCTOBER 17, 2024

Cisco is proud to be recognized as a leader in The Forrester Wave™: Enterprise Firewall Solutions, Q4 2024. Cisco is proud to be recognized as a leader in The Forrester Wave™: Enterprise Firewall Solutions, Q4 2024. Learn more about what sets Cisco apart. Learn more about what sets Cisco apart.

Firewall 106

Firewall 106

Bleeping Computer

APRIL 19, 2024

Approximately 22,500 exposed Palo Alto GlobalProtect firewall devices are likely vulnerable to the CVE-2024-3400 flaw, a critical command injection vulnerability that has been actively exploited in attacks since at least March 26, 2024. [.]

Firewall 110

Firewall 110

Krebs on Security

AUGUST 27, 2024

26, Versa urged customers to deploy a patch for the vulnerability ( CVE-2024-39717 ), which the company said is fixed in Versa Director 22.1.4 ISP on June 12, 2024. In January 2024, the U.S. In a security advisory published Aug. Versa said the weakness allows attackers to upload a file of their choosing to vulnerable systems.

Internet 335

Internet Internet Technology Engineering 335

eSecurity Planet

NOVEMBER 1, 2021

Firewalls are as central to IT security as antivirus programs are to PCs, and the multi-billion-dollar market remains large and growing. But the term “firewall” is far too broad to be of much use to IT security buyers. Types of Firewalls. What is a Firewall? Firewalls protect both on-premises and cloud environments.

Firewall 115

Firewall Small Business Marketing Software 115

Penetration Testing

FEBRUARY 4, 2024

Recently, two security vulnerabilities have been identified in Malwarebytes Binisoft Windows Firewall Control, a widely-used tool that enhances the capabilities of the Windows Firewall.

Firewall 85

Firewall Penetration Testing Risk 85

Penetration Testing

FEBRUARY 17, 2025

A recently disclosed vulnerability in SonicWall firewalls, tracked as CVE-2024-53704, is now under active attack. This high-severity flaw The post SonicWall Firewalls Under Attack: CVE-2024-53704 Exploited in the Wild, PoC Released appeared first on Cybersecurity News.

Firewall 85

Firewall Cybersecurity VPN 85

Security Affairs

JANUARY 12, 2024

Juniper Networks fixed a critical pre-auth remote code execution (RCE) flaw, tracked as CVE-2024-21591, in its SRX Series firewalls and EX Series switches. ” reads the advisory published by the vendor. “This issue is caused by use of an insecure function allowing an attacker to overwrite arbitrary memory.”

Firewall 133

Firewall Hacking Software Information Security 133

eSecurity Planet

OCTOBER 7, 2021

The network firewall is the first line of defense for traffic that passes in and out of a network. The firewall examines traffic to ensure it meets the security requirements set by the organization, and unauthorized access attempts are blocked. Firewall protection has come a long way in recent years. Next-generation firewalls.

Firewall 105

Firewall Marketing Technology Social Engineering 105

Security Boulevard

JULY 16, 2024

July 17, 2024 – NSFOCUS, a leading cybersecurity company, is proud to announce its inclusion in the prestigious The Enterprise Firewall Landscape, Q2 2024 report by Forrester, a globally recognized research and advisory firm. SANTA CLARA, Calif.,

Firewall 72

Firewall Cyber Attacks Cybersecurity 72

Security Affairs

APRIL 24, 2024

Nation-state actor UAT4356 has been exploiting two zero-days in ASA and FTD firewalls since November 2023 to breach government networks. Early in 2024, a customer contacted Cisco to report a suspicious related to its Cisco Adaptive Security Appliances (ASA). Cisco Talos researchers tracked this cyber-espionage campaign as ArcaneDoor.

Firewall 132

Firewall Government VPN Authentication 132

Security Affairs

MARCH 18, 2025

Fortinet added this vulnerability to an advisory related to the vulnerability CVE-2024-55591 disclosed in January. The flaw CVE-2024-55591 is an Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS version 7.0.0 through 7.0.16 and FortiProxy 7.2.0 through 7.2.12, 7.0.0 through 7.0.19

Authentication 115

Authentication Ransomware Firewall Hacking 115

Security Affairs

DECEMBER 19, 2024

Juniper Networks warns that a Mirai botnet is targeting SSR devices with default passwords after unusual activity was reported on December 11, 2024. Multiple customers reported anomalous activity on their Session Smart Network (SSN) platforms on December 11, 2024. ” read the report published by Juniper Networks.

DDOS 66

DDOS Firmware Firewall Passwords 66

Penetration Testing

DECEMBER 30, 2024

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about an actively exploited vulnerability in Palo Alto Networks PAN-OS firewall software.

Firewall 72

Firewall Software Cybersecurity 72

eSecurity Planet

JANUARY 16, 2024

Keep an eye out for security announcements from your firewall vendors; it’s possible additional similar vulnerabilities will come to light. January 10, 2024 Thousands of WordPress Sites Vulnerable to Malware Injection Type of vulnerability: Cross-site scripting flaw in Popup Builder that allows a malware injection.

Firewall 110

Firewall Firmware IoT Authentication 110

Security Boulevard

APRIL 1, 2024

SIEM solutions enable enterprises to monitor and analyze security-related data from a variety of sources, such as firewalls, intrusion detection systems (IDS), and endpoint security devices. The post The Best SIEM Tools To Consider in 2024 appeared first on Security Boulevard.

Firewall 120

Firewall 120

The Hacker News

JANUARY 13, 2024

Juniper Networks has released updates to fix a critical remote code execution (RCE) vulnerability in its SRX Series firewalls and EX Series switches. The issue, tracked as CVE-2024-21591, is rated 9.8 on the CVSS scoring system. “An

Firewall 109

Firewall 109

Penetration Testing

NOVEMBER 19, 2024

In a recent analysis, security researcher Sonny from watchTowr unveiled the technical intricacies of two zero-day vulnerabilities affecting Palo Alto Networks’ Next-Generation Firewalls (NGFW).

Firewall 95

Firewall Cybersecurity 95

Security Affairs

DECEMBER 3, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds ProjectSend, North Grid Proself, and Zyxel firewalls bugs to its Known Exploited Vulnerabilities catalog. Last week, VulnCheck researchers warned that ProjectSend vulnerability CVE-2024-11680 (CVSS score: 9.8) appears to have been exploited by attackers in the wild.

Firewall 112

Firewall Authentication Accountability Firmware 112

Penetration Testing

DECEMBER 19, 2024

Sophos has announced the resolution of three critical security vulnerabilities affecting its Sophos Firewall product, a widely used network security tool.

Firewall 61

Firewall Network Security Cybersecurity 61