Security Boulevard

APRIL 17, 2025

In April 2024, Palo Alto Networks PAN-OS suffered a zero-day vulnerability that allowed attackers to install a Python-based backdoor known as UPSTYLE. They were strategic, persistent, and laser-focused on exploiting firewall and VPN weak points to establish long-term control over sensitive systems. The takeaway? Download now.

Firewall 64

Firewall VPN Encryption Architecture 64

SecureList

JUNE 3, 2024

IT threat evolution Q1 2024 IT threat evolution Q1 2024. Mobile statistics IT threat evolution Q1 2024. Since it is not used by the firmware, we have no idea how the attackers learned to use it.

Banking 118

Banking Malware Computers and Electronics Mobile 118

eSecurity Planet

MAY 2, 2024

Most organizations express confidence in their current status and budgets, but also expect to experience at least one data breach in 2024. 30% data breaches and +23% ransomware for the first two months of 2024. Read on for more details on these threats or jump down to see the linked vendor reports. globally, +19.8%

Cybersecurity 121

Cybersecurity DDOS Penetration Testing Passwords 121

eSecurity Planet

JANUARY 16, 2024

January 10, 2024 Thousands of WordPress Sites Vulnerable to Malware Injection Type of vulnerability: Cross-site scripting flaw in Popup Builder that allows a malware injection. This vulnerability is tracked as CVE-2024-21591. According to Bitdefender, the thermostat does not validate the authenticity of a new firmware update.

Firewall 109

Firewall Firmware IoT Authentication 109

Security Boulevard

MARCH 3, 2025

Privacy Services Brave iOS update brings Smart Proxy and Kill Switch AlternativeTo This has more to do with Brave's VPN service rather than its browser. An update (version 1.75) on iOS introduces Smart Proxy and Kill Switch for Brave's VPN service. Malware campaigns covered generally target/affect the end user.

Surveillance 52

Surveillance Data breaches Firmware Encryption 52

Security Boulevard

MARCH 24, 2025

Vulnerabilities and Malware Primarily includes severe and exploited vulnerabilities in devices or software used by end users (ex: a major router firmware flaw). This vulnerability was patched by Apple in December 2024, but they only disclosed it recently. They also have appeared to partner with Proton.

Surveillance 75

Surveillance Telecommunications Malware Data breaches 75

eSecurity Planet

MARCH 4, 2024

February 26, 2024 FCKeditor Used for SEO Poisoning on Government, University Sites Type of vulnerability: Malicious URL redirect. February 27, 2024 Ransomware Gangs Target Unpatched ScreenConnect Servers Type of vulnerability: Authentication bypass and path traversal. The fix: Apply Windows patches ASAP.

IoT 117

IoT Internet Internet Ransomware 117

eSecurity Planet

JANUARY 22, 2024

January 16, 2024 Open-Source UEFI Implementation Sees 9 Vulnerabilities Type of vulnerability: Weaknesses in the network boot process of UEFI’s network implementation. The problem: The Unified Extensible Firmware Interface (UEFI) specification has an open-source network implementation, EDK II, with nine discovered vulnerabilities.

Authentication 113

Authentication Malware VPN Mobile 113

Kali Linux

FEBRUARY 27, 2024

Hello 2024! 2024 Theme Refresh As for previous 20**.1 Now, users can effortlessly copy their VPN IP address to the clipboard with just a click , simplifying the workflow and enhancing productivity for our users. With this improvement, managing your VPN connections on Kali Linux becomes even more seamless and intuitive.

Software 144

Software Firmware VPN Internet 144

eSecurity Planet

MAY 20, 2024

May 10, 2024 Vulnerability in Python Package Affects AI Models Type of vulnerability: Template injection in Python package. The vulnerability is tracked as CVE-2024-34359 and has a severity rating of 4.0. Use always-active VPN connections and never reuse the same credentials for an SSID.

VPN 62

VPN Firmware Malware Software 62

Pen Test Partners

SEPTEMBER 18, 2024

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Product: H685t-w Vulnerable Firmware Version: 3.2.334 Links: CVE-2024-45682 icsa-24-261-02 Proroute changelogs Description Two authenticated command injection vulnerabilities have been identified in the H685t-w-P2 Compact 4G router running firmware version 3.2.334. High) CVSS: 3.1/

Firmware 69

Firmware VPN Mobile Passwords 69

Webroot

OCTOBER 31, 2024

Steam the Webinar on demand HERE As we look back on the cybersecurity landscape of 2024, it’s clear that the world of digital threats continues to evolve at an alarming pace in parallel with AI. The saga of LockBit in 2024 exemplifies the resilience and adaptability of these cybercriminal groups.

Malware 109

Malware Ransomware Passwords Healthcare 109

Krebs on Security

MAY 22, 2023

Very often, this proxy software is installed surreptitiously, such as through a “Free VPN” service or mobile app. Residential proxies also can refer to households protected by compromised home routers running factory-default credentials or outdated firmware.

Scams 297

Scams DDOS Cryptocurrency Accountability 297

Pen Test Partners

OCTOBER 9, 2023

There is no concrete method to follow as it will rely on contents of the decomposed design from Step 2, but typical examples might include the following: Intellectual property in the device firmware. Deploy malicious firmware. link] [link] Have a software/firmware update mechanism. Cryptographic keys on the device or pod.

IoT 52

IoT Firmware Mobile Manufacturing 52

Security Affairs

FEBRUARY 11, 2025

Fortinet added this vulnerability to an advisory related to the vulnerability CVE-2024-55591 disclosed in January. The flaw CVE-2024-55591 is anAuthentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS version 7.0.0 Fortinet fixed it in FortiOS 7.0.17 or above and FortiProxy 7.0.20/7.2.13

Firewall 126

Firewall Firmware VPN Authentication 126