Security Affairs

NOVEMBER 16, 2024

Palo Alto Networks confirmed active exploitation of a zero-day in its PAN-OS firewall and released new indicators of compromise (IoCs). Last week, Palo Alto Networks warned customers to limit access to their next-gen firewall management interface due to a potential remote code execution vulnerability (CVSSv4.0 Base Score: 9.3)

Firewall 125

Firewall Internet Internet VPN 125

Security Affairs

NOVEMBER 8, 2024

Palo Alto Networks warns customers to restrict access to their next-generation firewalls because of a potential RCE flaw in the PAN-OS management interface. Palo Alto Networks warns customers to limit access to their next-gen firewall management interface due to a potential remote code execution vulnerability in PAN-OS.

Firewall 115

Firewall Authentication Internet Internet 115

Security Affairs

FEBRUARY 19, 2025

Palo Alto Networks warns that the vulnerability CVE-2025-0111 is actively exploited with two other flaws to compromise PAN-OS firewalls. Palo Alto Networks warns that threat actors are chaining the vulnerability CVE-2025-0111 with two other vulnerabilities, tracked as CVE-2025-0108 with CVE-2024-9474 , to compromise PAN-OS firewalls.

Firewall 105

Firewall Authentication Architecture Internet 105

Security Affairs

APRIL 11, 2024

Palo Alto Networks fixed several vulnerabilities in its PAN-OS operating system, including 3 issues that can trigger a DoS condition on its firewalls. Palo Alto Networks released security updates to address several high-severity vulnerabilities in its PAN-OS operating system. ” reads the advisory. ” reads the advisory.

Firewall 136

Firewall Software Engineering Authentication 136

Krebs on Security

AUGUST 27, 2024

In a security advisory published Aug. 26, Versa urged customers to deploy a patch for the vulnerability ( CVE-2024-39717 ), which the company said is fixed in Versa Director 22.1.4 ISP on June 12, 2024. In January 2024, the U.S. victims and one non-U.S. ”

Internet 333

Internet Internet Technology Engineering 333

Security Affairs

OCTOBER 25, 2024

The vulnerability CVE-2024-20481 (CVSS score of 5.8) Cisco warned customers of password-spraying attacks that have been targeting Remote Access VPN (RAVPN) services configured on Cisco Secure Firewall devices. Now the company confirmed that the flaw CVE-2024-20481 is actively exploited in the wild. released in May 2024.

VPN 112

VPN Firewall Technology Passwords 112

Security Affairs

OCTOBER 9, 2024

Palo Alto fixed critical flaws in PAN-OS firewalls, warning that attackers could chain these vulnerabilities to hijack the devices. Palo Alto Networks addressed multiple vulnerabilities that an attacker can chain to hijack PAN-OS firewalls. ” reads the advisory. ” reads the advisory.

Firewall 127

Firewall Passwords Authentication Phishing 127

Security Affairs

FEBRUARY 27, 2024

Taiwanese vendor Zyxel warns of security vulnerabilities in its firewalls and access points, including a remote code execution flaw. Taiwanese networking vendor Zyxel addressed four vulnerabilities, respectively tracked as CVE-2023-6397 , CVE-2023-6398 , CVE-2023-6399 , and CVE-2023-6764 , in its firewalls and access points.

Firewall 136

Firewall VPN Authentication Hacking 136

Security Affairs

AUGUST 26, 2024

SonicWall addressed a critical flaw in its firewalls that could allow attackers to achieve unauthorized access to the devices. SonicWall has released security updates to address a critical vulnerability, tracked as CVE-2024-40766 (CVSS score: 9.3), in its firewalls. 13o Gen 6 Firewalls – 6.5.2.8-2n

Firewall 124

Firewall Firmware Malware Internet 124

Security Affairs

JANUARY 12, 2024

Juniper Networks fixed a critical pre-auth remote code execution (RCE) flaw, tracked as CVE-2024-21591, in its SRX Series firewalls and EX Series switches. ” reads the advisory published by the vendor. “This issue is caused by use of an insecure function allowing an attacker to overwrite arbitrary memory.”

Firewall 133

Firewall Hacking Software Information Security 133

Security Affairs

MARCH 18, 2025

Fortinet added this vulnerability to an advisory related to the vulnerability CVE-2024-55591 disclosed in January. The flaw CVE-2024-55591 is an Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS version 7.0.0 through 7.0.16 and FortiProxy 7.2.0 through 7.2.12, 7.0.0 through 7.0.19

Authentication 114

Authentication Ransomware Firewall Hacking 114

Security Affairs

APRIL 24, 2024

Nation-state actor UAT4356 has been exploiting two zero-days in ASA and FTD firewalls since November 2023 to breach government networks. Early in 2024, a customer contacted Cisco to report a suspicious related to its Cisco Adaptive Security Appliances (ASA). PSIRT and Talos launched an investigation to support the customer.

Firewall 131

Firewall Government VPN Authentication 131

Security Affairs

DECEMBER 19, 2024

Juniper Networks warns that a Mirai botnet is targeting SSR devices with default passwords after unusual activity was reported on December 11, 2024. Multiple customers reported anomalous activity on their Session Smart Network (SSN) platforms on December 11, 2024. ” read the report published by Juniper Networks.

DDOS 65

DDOS Firmware Firewall Passwords 65

Security Affairs

DECEMBER 3, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds ProjectSend, North Grid Proself, and Zyxel firewalls bugs to its Known Exploited Vulnerabilities catalog. Attackers can use malformed XML requests to access arbitrary server files containing account information. appears to have been exploited by attackers in the wild.

Firewall 112

Firewall Authentication Accountability Firmware 112

eSecurity Planet

OCTOBER 18, 2024

As they do, they create more security vulnerabilities and inherent business, changing the nature of cybersecurity careers. and the Ponemon Institute, the average security breach cost reached $4.88 million in 2024 — 10% more than the previous year and the highest average ever. year-over-year in 2024, demand grew by 8.1%.

Cybersecurity 126

Cybersecurity Artificial Intelligence Penetration Testing CISO 126

Security Affairs

FEBRUARY 21, 2025

This week, Palo Alto Networks warned that threat actors are chaining the vulnerability CVE-2025-0111 with two other vulnerabilities, tracked as CVE-2025-0108 with CVE-2024-9474 , to compromise PAN-OS firewalls. Attackers are chaining them with the CVE-2025-0108 with CVE-2024-9474 issues.

Authentication 77

Authentication Firewall Cybersecurity Hacking 77

Security Affairs

APRIL 16, 2024

Researchers released an exploit code for the actively exploited vulnerability CVE-2024-3400 in Palo Alto Networks’ PAN-OS. CVE-2024-3400 (CVSS score of 10.0) An unauthenticated attacker can exploit the flaw to execute arbitrary code with root privileges on affected firewalls. This flaw impacts PAN-OS 10.2, PAN-OS 11.0,

Firewall 139

Firewall Hacking Software Cybersecurity 139

Security Affairs

APRIL 15, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Palo Alto Networks PAN-OS Command Injection flaw to its Known Exploited Vulnerabilities catalog. An unauthenticated attacker can exploit the flaw to execute arbitrary code with root privileges on affected firewalls. This flaw impacts PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1

Firewall 135

Firewall Cybersecurity Hacking Software 135

Security Affairs

NOVEMBER 13, 2024

Microsoft first noticed that to conceal malicious traffic, the threat actor routes it through compromised small office and home office (SOHO) network devices, including routers, firewalls, and VPN hardware. The group also relies on customized versions of open-source tools for C2 communications and stay under the radar.

VPN 121

VPN Government Malware Manufacturing 121

Security Affairs

AUGUST 16, 2024

Microsoft urges customers to fix a critical TCP/IP remote code execution (RCE) flaw, tracked as CVE-2024-38063 (CVSS score 9.8), in the TCP/IP stack. No Yes RCE CVE-2024-38178 Scripting Engine Memory Corruption Vulnerability Important 7.5 No Yes RCE CVE-2024-38178 Scripting Engine Memory Corruption Vulnerability Important 7.5

Firewall 142

Firewall Engineering Hacking Information Security 142

Security Affairs

OCTOBER 13, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches 115

Data breaches Cryptocurrency Artificial Intelligence Cybercrime 115

SecureList

DECEMBER 9, 2024

As part of Kaspersky Security Bulletin 2024, our “Story of the Year” centers on these pressing issues. We’ll begin by revisiting notable supply chain incidents from 2024, and then explore potential scenarios of more damaging cases and the ways we prepare for them. Let’s dive in! The Polyfill.io

Internet 106

Internet Internet Risk Social Engineering 106

Security Affairs

APRIL 15, 2024

Threat actors have been exploiting the recently disclosed zero-day in Palo Alto Networks PAN-OS since March 26, 2024. Palo Alto Networks and Unit 42 are investigating the activity related to CVE-2024-3400 PAN-OS flaw and discovered that threat actors have been exploiting it since March 26, 2024. This flaw impacts PAN-OS 10.2,

Firewall 136

Firewall Hacking Authentication Software 136

eSecurity Planet

SEPTEMBER 21, 2024

Each of these regulations addresses different aspects of cybersecurity and data protection, making it essential for businesses and organizations to stay informed and proactive. Tools such as intrusion detection systems (IDS), firewalls, and encryption technologies are critical in safeguarding data and ensuring compliance with regulations.

Cybersecurity 122

Cybersecurity Computers and Electronics Cyber threats Healthcare 122

Security Affairs

SEPTEMBER 6, 2024

Recently fixed access control SonicOS vulnerability, tracked as CVE-2024-40766, is potentially exploited in attacks in the wild, SonicWall warns. SonicWall warns that a recently fixed access control flaw, tracked as CVE-2024-40766 (CVSS v3 score: 9.3), in SonicOS is now potentially exploited in attacks. 5035 and older versions. .

Firewall 125

Firewall Passwords Internet Internet 125

Security Affairs

DECEMBER 8, 2024

warn of PRC-linked cyber espionage targeting telecom networks U.S. Hackers stole millions of dollars from Uganda Central Bank International Press Newsletter Cybercrime INTERPOL financial crime operation makes record 5,500 arrests, seizures worth over USD 400 million Hackers Stole $1.49

Artificial Intelligence 102

Artificial Intelligence Spyware Hacking Ransomware 102

Security Affairs

APRIL 1, 2025

” Attackers used obfuscated PHP in mu-plugins to execute hidden payloads from /wp-content/uploads/2024/12/index.txt , using the functions eval() to run arbitrary code stealthily. “Regular security monitoring, file integrity checks, and web application firewalls (WAFs) are essential in keeping such infections at bay.”

Malware 88

Malware Firewall Hacking Cybercrime 88

Security Affairs

FEBRUARY 15, 2025

CISA adds Apple iOS and iPadOS and Mitel SIP Phones flaws to its Known Exploited Vulnerabilities catalog Attackers exploit recently disclosed Palo Alto Networks PAN-OS firewalls bug U.S. custody in exchange for Marc Fogel North Korea-linked APT Emerald Sleet is using a new tactic U.S.

Spyware 68

Spyware Firewall Artificial Intelligence Malware 68

Security Affairs

JULY 12, 2024

Palo Alto Networks released security updates to address five security flaws impacting its products, the most severe issue, tracked as CVE-2024-5910 (CVSS score: 9.3), is a missing authentication for a critical function in Palo Alto Networks Expedition that can lead to an admin account takeover. h2All 2024-07-10 2024-07-10 5.3

Authentication 130

Authentication Firewall Accountability Hacking 130

Security Affairs

APRIL 28, 2024

The following vulnerabilities, discovered by the security researcher Pierre Barre , impact all versions up to 2.3.0 The following vulnerabilities, discovered by the security researcher Pierre Barre , impact all versions up to 2.3.0 Brocade SANnav OVA before v2.3.1, and v2.3.0a, contain hardcoded TLS keys used by Docker.

Firewall 123

Firewall Authentication Backups Architecture 123

Security Affairs

MARCH 18, 2024

A critical vulnerability in WordPress miniOrange’s Malware Scanner and Web Application Firewall plugins can allow site takeover. On March 1st, 2024, WordPress security firm Wordfence received a submission for a Privilege Escalation vulnerability in miniOrange’s Malware Scanner as part of the company Bug Bounty initiative Extravaganza.

Firewall 135

Firewall Malware Passwords Hacking 135

Security Affairs

JANUARY 29, 2025

The bot targets the command injection vulnerability CVE-2024-41710 that impacts Mitel models. ” The malware targets the flaw CVE-2024-41710 that affects Mitel 6800, 6900, and 6900w series SIP phones, including the 6970 Conference Unit through R6.4.0.HF1 Named after the Aqua filename, it was first reported in November 2023.

DDOS 67

DDOS Firmware Malware Firewall 67

Security Affairs

AUGUST 25, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added Versa Director Dangerous File Type Upload Vulnerability CVE-2024-39717 (CVSS score: 6.6) Although details are limited, Versa Networks confirmed one case where the vulnerability was exploited due to a customer’s failure to implement recommended firewall guidelines.

Firewall 125

Firewall Authentication Hacking Cybersecurity 125

Security Affairs

MAY 30, 2024

Threat actors exploited the flaw to gain remote firewall access and breach corporate networks. Early this week, the security firm warned of a surge in attacks aimed at VPN solutions. CISA orders federal agencies to fix this vulnerability by June 20, 2024. Impacted versions are R80.20.x, x, and R81.20.

VPN 128

VPN Firewall Hacking Risk 128

Security Affairs

MARCH 16, 2025

SuperBlack Ransomware operators exploit Fortinet Firewall flaws in recent attacks U.S. New MassJacker clipper targets pirated software seekers Cisco IOS XR flaw allows attackers to crash BGP process on routers LockBit ransomware developer Rostislav Panev was extradited from Israel to the U.S.

Spyware 72

Spyware Cybercrime Ransomware IoT 72

Security Affairs

DECEMBER 11, 2024

Between late June and mid-July 2024, a China-linked threat actor targeted major IT service providers in Southern Europe in a campaign codenamed ‘Operation Digital Eye.’ “The attack campaign, which we have dubbed Operation Digital Eye, took place from late June to mid-July 2024, lasting approximately three weeks.”

Firewall 73

Firewall Malware Accountability Technology 73

Security Affairs

DECEMBER 1, 2024

CISA adds Array Networks AG and vxAG ArrayOS flaw to its Known Exploited Vulnerabilities catalog Thai police arrested Chinese hackers involved in SMS blaster attacks Zyxel firewalls targeted in recent ransomware attacks Malware campaign abused flawed Avast Anti-Rootkit driver Russia-linked APT TAG-110 uses targets Europe and Asia Russia-linked threat (..)

Cybercrime 70

Cybercrime Firewall Social Engineering Ransomware 70