Security Affairs

AUGUST 26, 2024

SonicWall addressed a critical flaw in its firewalls that could allow attackers to achieve unauthorized access to the devices. SonicWall has released security updates to address a critical vulnerability, tracked as CVE-2024-40766 (CVSS score: 9.3), in its firewalls. 13o Gen 6 Firewalls – 6.5.2.8-2n

Firewall 125

Firewall Firmware Malware Internet 125

Security Affairs

APRIL 24, 2024

Nation-state actor UAT4356 has been exploiting two zero-days in ASA and FTD firewalls since November 2023 to breach government networks. Early in 2024, a customer contacted Cisco to report a suspicious related to its Cisco Adaptive Security Appliances (ASA). PSIRT and Talos launched an investigation to support the customer.

Firewall 132

Firewall Government VPN Authentication 132

Security Affairs

DECEMBER 3, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds ProjectSend, North Grid Proself, and Zyxel firewalls bugs to its Known Exploited Vulnerabilities catalog. Attackers can use malformed XML requests to access arbitrary server files containing account information. appears to have been exploited by attackers in the wild.

Firewall 112

Firewall Authentication Accountability Firmware 112

Security Affairs

DECEMBER 27, 2024

Palo Alto Networks addressed a high-severity flaw, tracked as CVE-2024-3393 (CVSS score: 8.7), in PAN-OS software that could cause a denial-of-service (DoS) condition. An unauthenticated attacker can exploit this vulnerability to reboot the firewall by sending a malicious packet through its data plane. ” reads the advisory.

DNS 112

DNS Firewall Spyware Software 112

Security Affairs

DECEMBER 20, 2024

Sophos fixed three Sophos Firewall flaws that could lead to SQL injection, privileged SSH access to devices, and remote code execution. Sophos has addressed three vulnerabilities, respectively tracked as CVE-2024-12727, CVE-2024-12728, and CVE-2024-12729, in its Sophos Firewall solution. GA (21.0.0) GA (21.0.0)

Firewall 62

Firewall Authentication Passwords Accountability 62

Security Affairs

APRIL 16, 2024

Researchers released an exploit code for the actively exploited vulnerability CVE-2024-3400 in Palo Alto Networks’ PAN-OS. CVE-2024-3400 (CVSS score of 10.0) An unauthenticated attacker can exploit the flaw to execute arbitrary code with root privileges on affected firewalls. This flaw impacts PAN-OS 10.2, PAN-OS 11.0,

Firewall 139

Firewall Hacking Software Cybersecurity 139

Security Affairs

NOVEMBER 7, 2024

Google as usual did not share details about the attacks exploiting the above vulnerability, however, it added that another issue, tracked as CVE-2024-43047, is actively exploited in the wild. CVE-2024-43093 CVE-2024-43047″ reads the security bulletin published by Google. Versions up to 2.3.6 and unpatched 2.3.7

Firewall 125

Firewall Authentication Accountability Risk 125

Security Affairs

APRIL 15, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Palo Alto Networks PAN-OS Command Injection flaw to its Known Exploited Vulnerabilities catalog. An unauthenticated attacker can exploit the flaw to execute arbitrary code with root privileges on affected firewalls. This flaw impacts PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1

Firewall 136

Firewall Cybersecurity Hacking Software 136

Security Affairs

AUGUST 16, 2024

Microsoft urges customers to fix a critical TCP/IP remote code execution (RCE) flaw, tracked as CVE-2024-38063 (CVSS score 9.8), in the TCP/IP stack. No Yes RCE CVE-2024-38178 Scripting Engine Memory Corruption Vulnerability Important 7.5 No Yes RCE CVE-2024-38178 Scripting Engine Memory Corruption Vulnerability Important 7.5

Firewall 142

Firewall Engineering Hacking Information Security 142

Security Affairs

NOVEMBER 15, 2024

The vulnerabilities reside in the Palo Alto Networks’ Expedition solution, which is a migration tool designed to help organizations move configurations from other firewall platforms (like Check Point, Cisco, and others) to Palo Alto’s PAN-OS. reads the advisory. The vulnerabilities impact Expedition versions prior to 1.2.96.

Firewall 109

Firewall Passwords Authentication Phishing 109

Security Affairs

NOVEMBER 16, 2024

Palo Alto Networks confirmed active exploitation of a zero-day in its PAN-OS firewall and released new indicators of compromise (IoCs). Last week, Palo Alto Networks warned customers to limit access to their next-gen firewall management interface due to a potential remote code execution vulnerability (CVSSv4.0 Base Score: 9.3)

Firewall 126

Firewall Internet Internet VPN 126

Security Affairs

MARCH 18, 2024

A critical vulnerability in WordPress miniOrange’s Malware Scanner and Web Application Firewall plugins can allow site takeover. On March 1st, 2024, WordPress security firm Wordfence received a submission for a Privilege Escalation vulnerability in miniOrange’s Malware Scanner as part of the company Bug Bounty initiative Extravaganza.

Firewall 135

Firewall Malware Passwords Hacking 135

Security Affairs

APRIL 15, 2024

Threat actors have been exploiting the recently disclosed zero-day in Palo Alto Networks PAN-OS since March 26, 2024. Palo Alto Networks and Unit 42 are investigating the activity related to CVE-2024-3400 PAN-OS flaw and discovered that threat actors have been exploiting it since March 26, 2024. This flaw impacts PAN-OS 10.2,

Firewall 136

Firewall Hacking Authentication Software 136

Security Affairs

NOVEMBER 8, 2024

Palo Alto Networks warns customers to restrict access to their next-generation firewalls because of a potential RCE flaw in the PAN-OS management interface. Palo Alto Networks warns customers to limit access to their next-gen firewall management interface due to a potential remote code execution vulnerability in PAN-OS.

Firewall 116

Firewall Authentication Internet Internet 116

Security Affairs

OCTOBER 24, 2024

Cisco addressed multiple vulnerabilities in Adaptive Security Appliance (ASA), Secure Firewall Management Center (FMC), and Firepower Threat Defense (FTD) products, including an actively exploited flaw tracked as CVE-2024-20481. The vulnerability CVE-2024-20481 (CVSS score of 5.8) ” continues the advisory.

VPN 122

VPN Firewall Passwords Software 122

Security Affairs

SEPTEMBER 6, 2024

Recently fixed access control SonicOS vulnerability, tracked as CVE-2024-40766, is potentially exploited in attacks in the wild, SonicWall warns. SonicWall warns that a recently fixed access control flaw, tracked as CVE-2024-40766 (CVSS v3 score: 9.3), in SonicOS is now potentially exploited in attacks. 5035 and older versions. .

Firewall 126

Firewall Passwords Internet Internet 126

Security Affairs

JULY 12, 2024

Palo Alto Networks released security updates to address five security flaws impacting its products, the most severe issue, tracked as CVE-2024-5910 (CVSS score: 9.3), is a missing authentication for a critical function in Palo Alto Networks Expedition that can lead to an admin account takeover. h2All 2024-07-10 2024-07-10 5.3

Authentication 131

Authentication Firewall Accountability Hacking 131

Security Affairs

APRIL 28, 2024

The following vulnerabilities, discovered by the security researcher Pierre Barre , impact all versions up to 2.3.0 The following vulnerabilities, discovered by the security researcher Pierre Barre , impact all versions up to 2.3.0 Brocade SANnav OVA before v2.3.1, and v2.3.0a, contain hardcoded TLS keys used by Docker.

Firewall 123

Firewall Authentication Backups Architecture 123

Security Affairs

AUGUST 25, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added Versa Director Dangerous File Type Upload Vulnerability CVE-2024-39717 (CVSS score: 6.6) Although details are limited, Versa Networks confirmed one case where the vulnerability was exploited due to a customer’s failure to implement recommended firewall guidelines.

Firewall 126

Firewall Authentication Hacking Cybersecurity 126

Security Affairs

MAY 30, 2024

Threat actors exploited the flaw to gain remote firewall access and breach corporate networks. Early this week, the security firm warned of a surge in attacks aimed at VPN solutions. CISA orders federal agencies to fix this vulnerability by June 20, 2024. Impacted versions are R80.20.x, x, and R81.20.

VPN 128

VPN Firewall Hacking Risk 128

eSecurity Planet

SEPTEMBER 21, 2024

Each of these regulations addresses different aspects of cybersecurity and data protection, making it essential for businesses and organizations to stay informed and proactive. Tools such as intrusion detection systems (IDS), firewalls, and encryption technologies are critical in safeguarding data and ensuring compliance with regulations.

Cybersecurity 114

Cybersecurity Computers and Electronics Cyber threats Healthcare 114

Security Affairs

OCTOBER 25, 2024

The vulnerability CVE-2024-20481 (CVSS score of 5.8) Cisco warned customers of password-spraying attacks that have been targeting Remote Access VPN (RAVPN) services configured on Cisco Secure Firewall devices. Now the company confirmed that the flaw CVE-2024-20481 is actively exploited in the wild. released in May 2024.

VPN 112

VPN Firewall Technology Passwords 112

Security Affairs

NOVEMBER 19, 2024

CVE-2024-0012 is a vulnerability in Palo Alto Networks PAN-OS that allows unauthenticated attackers with network access to the management web interface to bypass authentication and gain administrator privileges. This access enables administrative actions, configuration tampering, or exploitation of other vulnerabilities like CVE-2024-9474.

Authentication 109

Authentication Firewall Risk Hacking 109

Security Affairs

APRIL 16, 2024

Cisco Talos researchers warn of large-scale credential brute-force attacks targeting multiple targets, including Virtual Private Network (VPN) services, web application authentication interfaces and SSH services since at least March 18, 2024.

VPN 140

VPN Firewall Authentication Hacking 140

Security Affairs

APRIL 25, 2024

Early in 2024, a customer contacted Cisco to report a suspicious related to its Cisco Adaptive Security Appliances (ASA). On April 19, 2024, CrushFTP advised of a virtual file system escape present in their FTP software that could allows users to download system files. reads a post published by Crowdstrike on Reddit.

VPN 133

VPN Software Firewall Authentication 133

Security Affairs

APRIL 28, 2024

From March 18, 2024, to April 16, 2024, Duo Security and Cisco Talos observed large-scale brute-force attacks against a variety of targets, including VPN services, web application authentication interfaces and SSH services. .” reads the advisory published by Okta.

VPN 139

VPN Accountability Firewall Data breaches 139

Security Affairs

MAY 29, 2024

Check Point released hotfixes for a VPN zero-day vulnerability, tracked as CVE-2024-24919, which is actively exploited in attacks in the wild. Check Point released hotfixes to address a VPN zero-day vulnerability, tracked as CVE-2024-24919 , which is actively being exploited in attacks in the wild. Impacted versions are R80.20.x,

VPN 125

VPN Authentication Passwords Accountability 125

Security Affairs

AUGUST 2, 2024

Cybersecurity and Infrastructure Security Agency (CISA) published an advisory to warn of a vulnerability, tracked as CVE-2024-7029 (CVSS base score of 8.8), in Avtech camera that has been exploited in the wild. Placing control system networks and remote devices behind firewalls and isolating them from business networks.

Firmware 128

Firmware Firewall Risk Authentication 128

Security Affairs

JANUARY 21, 2024

Patch it now! million cryptojacking scheme arrested in Ukraine Cybercrime Cryptojacker arrested in Ukraine over EUR 1.8 million cryptojacking scheme arrested in Ukraine Cybercrime Cryptojacker arrested in Ukraine over EUR 1.8

Artificial Intelligence 128

Artificial Intelligence VPN Hacking Firewall 128

Security Affairs

NOVEMBER 8, 2024

Palo Alto Networks warns customers to restrict access to their next-generation firewalls because of a potential RCE flaw in the PAN-OS management interface. Palo Alto Networks warns customers to limit access to their next-gen firewall management interface due to a potential remote code execution vulnerability in PAN-OS.

Firewall 102

Firewall Authentication Internet Internet 102

Security Affairs

FEBRUARY 15, 2024

“A January 2024 court-authorized operation has neutralized a network of hundreds of small office/home office (SOHO) routers that GRU Military Unit 26165 , also known as APT28, Sofacy Group , Forest Blizzard , Pawn Storm , Fancy Bear , and Sednit , used to conceal and otherwise enable a variety of crimes.”

Firewall 136

Firewall Government Malware Hacking 136

Security Affairs

JANUARY 13, 2024

Akira ransomware targets Finnish organizations GitLab fixed a critical zero-click account hijacking flaw Juniper Networks fixed a critical RCE bug in its firewalls and switches Vast Voter Data Leaks Cast Shadow Over Indonesia ’s 2024 Presidential Election Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467 Team Liquid’s wiki leak exposes (..)

VPN 131

VPN Cybercrime Ransomware Hacking 131

Security Affairs

DECEMBER 19, 2024

Juniper Networks warns that a Mirai botnet is targeting SSR devices with default passwords after unusual activity was reported on December 11, 2024. Multiple customers reported anomalous activity on their Session Smart Network (SSN) platforms on December 11, 2024. ” read the report published by Juniper Networks.

DDOS 66

DDOS Firmware Firewall Passwords 66

Security Affairs

AUGUST 27, 2024

China-linked APT Volt Typhoon exploited a zero-day vulnerability, tracked as CVE-2024-39717 , in Versa Director, to deploy a custom webshell on breached networks. Although details are limited, Versa Networks confirmed one case where the vulnerability was exploited due to a customer’s failure to implement recommended firewall guidelines.

Energy and Utilities 130

Energy and Utilities Firewall Technology Malware 130

Krebs on Security

FEBRUARY 22, 2024

Security experts who reviewed the leaked data say they believe the information is legitimate, and that i-SOON works closely with China’s Ministry of State Security and the military. In 2021, the Sichuan provincial government named i-SOON as one of “the top 30 information security companies.”

Government 302

Government Hacking Cyber threats Mobile 302

Security Affairs

JULY 23, 2024

Threat actors abused swap files in compromised Magento websites to hide credit card skimmer and harvest payment information. Security researchers from Sucuri observed threat actors using swap files in compromised Magento websites to conceal a persistent software skimmer and harvest payment information.

Malware 133

Malware Firewall Information Security Hacking 133

Security Affairs

MARCH 2, 2024

US CISA, the FBI, and MS-ISAC issued a joint CSA to warn of attacks involving Phobos ransomware variants observed as recently as February 2024 US CISA, the FBI, and MS-ISAC issued a joint cyber security advisory (CSA) to warn of attacks involving Phobos ransomware variants such as Backmydata , Devos, Eight, Elking, and Faust.

Ransomware 141

Ransomware Backups Healthcare Firewall 141