Advertising, Authentication and Firewall

Hackers exploit SQL injection zero-day issue in Sophos firewall

Security Affairs

APRIL 26, 2020

Cybersecurity firm Sophos releases an emergency patch to address an SQL injection flaw in its XG Firewall product that has been exploited in the wild. Cybersecurity firm Sophos has released an emergency patch to address an SQL injection zero-day vulnerability affecting its XG Firewall product that has been exploited in the wild.

Firewall

Firewall Passwords Accountability Advertising

Cisco fixes 5 critical flaws that could allow router firewall takeover

Security Affairs

JULY 16, 2020

Cisco addresses a critical remote code execution (RCE), authentication bypass, and static default credential flaws that could lead to full router takeover. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Firewall

Firewall Small Business Wireless Advertising

Sophos blocked attacks exploiting XG Firewall zero-day to deploy Ransomware

Security Affairs

MAY 21, 2020

Hackers attempted to exploit a zero-day flaw in the Sophos XG firewall to distribute ransomware to Windows machines, but the attack was blocked. It was designed to download payloads intended to exfiltrate XG Firewall-resident data. Passwords associated with external authentication systems such as AD or LDAP are unaffected.

Firewall

Firewall Ransomware Passwords VPN

Palo Alto Networks fixes a critical flaw in firewall PAN-OS

Security Affairs

JUNE 29, 2020

Palo Alto Networks addressed a critical flaw in the PAN-OS of its next-generation firewalls that could allow attackers to bypass authentication. OS ) that powers its next-generation firewalls that could allow unauthenticated network-based attackers to bypass authentication. x base score of 10. . x base score of 10.

Firewall

Firewall Authentication VPN Advertising

Sophos fixed a critical vulnerability in Cyberoam firewalls

Security Affairs

OCTOBER 10, 2019

A vulnerability in Sophos Cyberoam firewalls could be exploited by an attacker to gain access to a target’s internal network without authentication. Sophos addressed a vulnerability in its Cyberoam firewalls that could be exploited by an attacker to gain access to a company’s internal network without providing a password.

Firewall

Firewall VPN Passwords Internet

P2P Weakness Exposes Millions of IoT Devices

Krebs on Security

APRIL 26, 2019

iLnkP2P is designed to allow users of these devices to quickly and easily access them remotely from anywhere in the world, without having to tinker with one’s firewall: Users simply download a mobile app, scan a barcode or enter the six-digit ID stamped onto the bottom of the device, and the P2P software handles the rest.

IoT

IoT Firewall Manufacturing Computers and Electronics

Palo Alto Networks addresses tens of serious issues in PAN-OS

Security Affairs

MAY 15, 2020

Palo Alto Networks addressed tens of vulnerabilities in PAN-OS, the software that runs on the company’s next-generation firewalls. Palo Alto Networks has issued security updates to address tens of vulnerabilities in PAN-OS, the software that runs on the company’s next-generation firewalls. The issue received a CVSSv3.1

Firewall

Firewall Authentication Advertising VPN

Expert found a hardcoded SSH Key in Fortinet SIEM appliances

Security Affairs

JANUARY 20, 2020

An attacker with this key can successfully authenticate as this user to the FortiSIEM Supervisor.” While the user’s shell is limited to running the /opt/phoenix/ phscripts /bin/ tunnelshell script, SSH authentication still succeeds.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Authentication

Authentication Advertising Firmware Firewall

Palo Alto Networks addresses another high severity issue in PAN-OS devices

Security Affairs

JULY 9, 2020

Palo Alto Networks addressed a new severe vulnerability in the PAN-OS GlobalProtect portal that impacts PAN next-generation firewalls. Recently Palo Alto Network addressed a critical vulnerability , tracked as CVE-2020-2021, affecting the PAN-OS operating system that powers its next-generation firewall. x base score of 10. .

Firewall

Firewall Advertising Authentication Hacking

Palo Alto Networks fixes severe Code Execution and DoS flaws in PAN-OS

Security Affairs

SEPTEMBER 10, 2020

Palo Alto Networks addressed critical and high-severity denial-of-service (DoS) and arbitrary code execution vulnerabilities in its PAN-OS firewall software. Palo Alto Networks has released security updates to patch critical and high-severity denial-of-service (DoS) and arbitrary code execution vulnerabilities in its PAN-OS firewall software.

Firewall

Firewall Authentication Advertising Software

Robocall Legal Advocate Leaks Customer Data

Krebs on Security

AUGUST 3, 2020

“Our Litigation Firewall isolates the infection and protects you from harm. Thousands of documents, emails, spreadsheets, images and the names tied to countless mobile phone numbers all could be viewed or downloaded without authentication from the domain theblacklist.click.

Mobile

Mobile Marketing Consumer Protection Wireless

Almost 800,000 SonicWall VPN appliances online are vulnerable to CVE-2020-5135

Security Affairs

OCTOBER 16, 2020

. “A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall. “This flaw exists pre-authentication and within a component (SSLVPN) which is typically exposed to the public Internet.”

VPN

VPN Firewall Advertising Internet

Medusa ransomware hit over 300 critical infrastructure organizations until February 2025

Security Affairs

MARCH 13, 2025

Notably, they target CVE-2024-1709 (ScreenConnect authentication bypass) and CVE-2023-48788 (Fortinet EMS SQL injection) to infiltrate systems. The threat actors use PsExec to execute scripts, enable RDP access, and modify firewall rules. Attackers use Mimikatz to steal credentials. Threat actors use Rclone for data exfiltration.

Ransomware

Ransomware Encryption Cryptocurrency Insurance

FBI is warning of cyber attacks against Windows 7 systems that reached end-of-life

Security Affairs

AUGUST 6, 2020

Ensuring anti-virus, spam filters, and firewalls are up to date, properly configured, and secure.” Auditing your network for systems using RDP, closing unused RDP ports, applying two-factor authentication wherever possible, and logging RDP login attempts. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cyber Attacks

Cyber Attacks Healthcare Firewall Advertising

Researchers Quietly Cracked Zeppelin Ransomware Keys

Krebs on Security

NOVEMBER 17, 2022

In an interview with KrebsOnSecurity, James said Unit 221B was wary of advertising its ability to crack Zeppelin ransomware keys because it didn’t want to tip its hand to Zeppelin’s creators, who were likely to modify their file encryption approach if they detected it was somehow being bypassed.

Ransomware

Ransomware Encryption Backups Manufacturing

Aquabot variant v3 targets Mitel SIP phones

Security Affairs

JANUARY 29, 2025

The vendor warned that the exploitation of the flaw could allow an authenticated attacker with administrative privilege to conduct a command injection attack due to insufficient parameter sanitization during the boot process. HF1 (R6.4.0.136). In mid-July 2024, Mitel addressed the vulnerability with the release of firmware updates.

DDOS

DDOS Firmware Malware Firewall

Flaw in Ad Inserter WordPress plugin allows remote attackers to execute code

Security Affairs

JULY 15, 2019

A critical vulnerability affecting the Ad Inserter WordPress plugin could be exploited by authenticated attackers to remotely execute PHP code. Security researchers at Wordfence discovered a critical vulnerability in the Inserter WordPress plugin that could be exploited by authenticated attackers to remotely execute PHP code.

Authentication

Authentication Firewall Advertising Information Security

Expert released DOS Exploit PoC for Critical Windows RDP Gateway flaws

Security Affairs

JANUARY 24, 2020

This vulnerability is pre-authentication and requires no user interaction. “Simply disabling UDP Transport, or firewalling the UDP port (usually port 3391) is sufficient to prevent exploitation,” explained the popular researcher Marcus Hutchins. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Advertising

Advertising Firewall Education Engineering

Imperva data Breach: WAF customers’ data exposed

Security Affairs

AUGUST 27, 2019

Security firm Imperva revealed it has suffered a data breach that affecting some customers of its Cloud Web Application Firewall (WAF) product. Cybersecurity firm Imperva disclosed a data breach that has exposed sensitive information for some customers of its Cloud Web Application Firewall (WAF) product, formerly known as Incapsula.

Data breaches

Data breaches Firewall Passwords Advertising

Juniper fixes tens of flaws affecting the Junos OS

Security Affairs

OCTOBER 16, 2020

The vendor has published 40 security advisories related to security vulnerabilities in the Junos OS operating system that runs on Juniper’s firewalls and other third-party components. “If SAML authentication is not enabled, the product is not affected. . “If SAML authentication is not enabled, the product is not affected.

Authentication

Authentication Advertising Firewall Hacking

Large-scale campaign targets configuration files from WordPress sites

Security Affairs

JUNE 4, 2020

“Between May 29 and May 31, 2020, the Wordfence Firewall blocked over 130 million attacks intended to harvest database credentials from 1.3 Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. ” continues the analysis.

Advertising

Advertising Firewall Accountability Authentication

Flaws in leading industrial remote access systems allow disruption of operations

Security Affairs

OCTOBER 1, 2020

The Agency confirmed that an authenticated attacker with access to the solution via a general license could exploit the flaws to trigger a DoS condition or to achieve arbitrary information disclosure and data manipulation. Locate control system networks and remote devices behind firewalls, and isolate them from the business network.

Advertising

Advertising Authentication VPN Firewall

NSA urges Windows Users and admins to Patch BlueKeep flaw

Security Affairs

JUNE 5, 2019

Windows 7 and Server 2008 users can prevent unauthenticated attacks by enabling Network Level Authentication (NLA), and the threat can also be mitigated by blocking TCP port 3389. Enable Network Level Authentication. This security improvement requires attackers to have valid credentials to perform remote code authentication.

Penetration Testing

Penetration Testing Firewall Authentication Advertising

Experts saw 100k+ daily brute-force attacks on RDP during COVID-19 lockdown

Security Affairs

JUNE 29, 2020

” Unfortunately, most organizations often neglect the protection of RDP accesses and workers use easy-to-guess passwords and with no additional layers of authentication or protection. Use an additional layer of authentication ( MFA/2FA ). Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Passwords

Passwords Internet Internet Advertising

Unsigned Firmware running on peripherals could expose Windows, Linux systems to hack

Security Affairs

FEBRUARY 18, 2020

This means that these components have no way to validate that the firmware loaded by the device is authentic and should be trusted. The malware act as an attack vector used to load the tainted firmware onto a peripheral device that is not able to validate its origin and authenticity. ” reads the analysis published by the experts.

Firmware

Firmware Hacking Authentication Advertising

Cisco fixes 34 High-Severity flaws in IOS and IOS XE software

Security Affairs

SEPTEMBER 25, 2020

Two vulnerabilities can allow authenticated attackers with local access to the target devices to execute arbitrary code. One vulnerability can be exploited by an authenticated attacker to access some parts of the user interface they normally should not be able to access. Pierluigi Paganini. SecurityAffairs – hacking, DoS).

Software

Software DNS Wireless Advertising

API Security and Hackers: What?s the Need?

Security Affairs

MAY 30, 2020

Authentication. To increase the complexity of hacking your device, always get to know who is calling your APIs, by using a simple access authentication (user/password) or an API key (asymmetric key). The authorization and/or authentication of your APIs should be delegated. API Firewalling. Encryption. Just be cryptic.

Authentication

Authentication Firewall Encryption Passwords

Stored XSS in WP Product Review Lite plugin allows for automated takeovers

Security Affairs

MAY 18, 2020

“During a routine research audit for our Sucuri Firewall , we discovered an Unauthenticated Persistent Cross-Site Scripting (XSS) affecting 40,000+ users of the WP Product Review plugin.” Once the attacker has authenticated as an admin, it could add a new admin account to take over the site. Pierluigi Paganini.

Advertising

Advertising Authentication Firewall Hacking

A critical flaw in Rank Math WordPress plugin allows hackers to give users Admins privileges

Security Affairs

MARCH 31, 2020

Firewall rule released for Wordfence Premium users. April 23, 2020 – Firewall rule becomes available to Wordfence free users. 2020 – An authentication bypass vulnerability in the InfiniteWP plugin that could potentially impact by more than 300,000 sites. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Firewall

Firewall Advertising Engineering Authentication

Experts disclose tens of flaws in Zyxel Cloud CNM SecuManager, includes dangerous backdoors

Security Affairs

MARCH 12, 2020

no authentication and clear-text communication Incorrect HTTP requests cause out of range access in Zope XSS on the web interface Private SSH key Backdoor APIs Backdoor management access and RCE Pre-auth RCE with chrooted access. Also, there is no firewall by default.” log escape sequence injection xmppCnrSender.py

Accountability

Accountability Advertising Software Passwords

Cisco addresses flaws in its products, including Small Business routers and Webex

Security Affairs

JANUARY 24, 2019

The vulnerability could be exploited by a remote, authenticated attacker to cause a DoS condition and in some conditions to execute arbitrary code with root privileges. In most cases, exploitation requires the attacker to authenticate to the targeted system. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Small Business

Small Business IoT Authentication Engineering

Hackers target Docker servers to deploy the new Kinsing cryptocurrency miner

Security Affairs

APRIL 6, 2020

In order to discover potential targets and locate the information it needs to authenticate against, the script passively collects data from /.ssh/config,bash_history, Experts also recommend to access admin endpoints only through firewall or VPN gateway. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cryptocurrency

Cryptocurrency Malware Advertising VPN

Experts found a critical vulnerability in the NSA Ghidra tool

Security Affairs

MARCH 21, 2019

The experts demonstrated that an attacker could exploit the issue by setting up an HTTP Server with NTLM authentication, then use an XXE/SSRF vulnerability to force a NTLM authentication from the victim. When authenticating with NTLMv1, attacker can directly relay the Net-NTLM Hash to the victim’s SMB service.

Authentication

Authentication Advertising Engineering Firewall

US Govt agencies detail North Korea-linked HIDDEN COBRA malware

Security Affairs

FEBRUARY 14, 2020

If these services are required, use strong passwords or Active Directory authentication. Enable a personal firewall on agency workstations, configured to deny unsolicited connection requests. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Keep operating system patches up-to-date.

Malware

Malware Passwords Advertising Antivirus

Credential-stealing malware disguises itself as Telegram, targets social media users

Malwarebytes

APRIL 11, 2022

First, the malware checks whether it is able to authenticate using the stolen cookies. If the cookies are valid and provide proper authentication, it sends a GET /settings request using the Access Token to facebook.com along with the authenticated cookies so it can fetch the User Account settings of the compromised account.

Media

Media Malware Spyware Accountability

HP Device Manager flaws expose Windows systems to hack

Security Affairs

OCTOBER 4, 2020

The issue does not impact customers who use Active Directory authenticated accounts. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – hacking, HP).

Hacking

Hacking Accountability Passwords Advertising

PoC exploit code for Apache Solr RCE flaw is available online

Security Affairs

NOVEMBER 25, 2019

sh file from the affected releases, then JMX monitoring will be enabled and exposed on RMI_PORT (default=18983), without any authentication.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. are affected by the flaw.

Advertising

Advertising Firewall Engineering Authentication

Zero-day in popular Yuzo Related Posts WordPress Plugin exploited in the wild

Security Affairs

APRIL 12, 2019

According to security experts at WordFence, the vulnerability in Yuzo plugin stems from missing authentication checks in the plugin routines used to store settings in the database. “The vulnerability in Yuzo Related Posts stems from missing authentication checks in the plugin routines responsible for storing settings in the database.”

Scams

Scams Advertising Authentication Firewall

US govt agencies share details of the China-linked espionage malware Taidoor

Security Affairs

AUGUST 4, 2020

If these services are required, use strong passwords or Active Directory authentication. Enable a personal firewall on agency workstations, configured to deny unsolicited connection requests. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Keep operating system patches up-to-date.

Malware

Malware Government Passwords Advertising

A daily average of 80,000 printers exposed online via IPP

Security Affairs

JUNE 23, 2020

Unlike other printer management protocols, the IPP protocol supports multiple security features, including authentication and encryption, but evidently organizations don’t use them. “Obviously, these counts only represent devices that are not firewalled and allow direct querying over the IPv4 Internet.”

Internet

Internet Internet Firmware Advertising

CISA’s advisory warns of notable increase in LokiBot malware

Security Affairs

SEPTEMBER 22, 2020

The malicious code was initially advertised on many hacking forums for up to $300, later other threat actors started offering it for less than $80 in the cybercrime underground. If these services are required, use strong passwords or Active Directory authentication. Enforce multi-factor authentication. Pierluigi Paganini.

Malware

Malware Passwords Advertising Antivirus

The strengths and weaknesses of different VPN protocols

Security Affairs

APRIL 26, 2019

The protocol relies on encryption, authentication and peer-to-peer protocol (PPP) negotiation. Does not support Perfect Forward Secrecy One of the least secure protocols Firewalls can block PPTP. Firewalls can easily block it because it only communicates over UDP. Slower than OpenVPN due to double encapsulation.

VPN

VPN Encryption Firewall Internet

Visa warns of new sophisticated credit card skimmer dubbed Baka

Security Affairs

SEPTEMBER 6, 2020

Set up a Web Application Firewall to block suspicious and malicious requests from reaching the website. Require strong administrative passwords(use a password manager for best results) and enable two-factor authentication. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

eCommerce

eCommerce Malware Encryption Advertising

Zyxel addresses Zero-Day vulnerability in NAS devices

Security Affairs

FEBRUARY 25, 2020

. “Multiple ZyXEL network-attached storage (NAS) devices contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable device.” “ZyXEL NAS devices achieve authentication by using the weblogin.cgi CGI executable. and earlier.

Authentication

Authentication Advertising Firmware Internet

Hackers exploit SQL injection zero-day issue in Sophos firewall

Cisco fixes 5 critical flaws that could allow router firewall takeover

Trending Sources

Sophos blocked attacks exploiting XG Firewall zero-day to deploy Ransomware

Palo Alto Networks fixes a critical flaw in firewall PAN-OS

Sophos fixed a critical vulnerability in Cyberoam firewalls

P2P Weakness Exposes Millions of IoT Devices

Palo Alto Networks addresses tens of serious issues in PAN-OS

Expert found a hardcoded SSH Key in Fortinet SIEM appliances

Palo Alto Networks addresses another high severity issue in PAN-OS devices

Palo Alto Networks fixes severe Code Execution and DoS flaws in PAN-OS

Robocall Legal Advocate Leaks Customer Data

Almost 800,000 SonicWall VPN appliances online are vulnerable to CVE-2020-5135

Medusa ransomware hit over 300 critical infrastructure organizations until February 2025

FBI is warning of cyber attacks against Windows 7 systems that reached end-of-life

Researchers Quietly Cracked Zeppelin Ransomware Keys

Aquabot variant v3 targets Mitel SIP phones

Flaw in Ad Inserter WordPress plugin allows remote attackers to execute code

Expert released DOS Exploit PoC for Critical Windows RDP Gateway flaws

Imperva data Breach: WAF customers’ data exposed

Juniper fixes tens of flaws affecting the Junos OS

Large-scale campaign targets configuration files from WordPress sites

Flaws in leading industrial remote access systems allow disruption of operations

NSA urges Windows Users and admins to Patch BlueKeep flaw

Experts saw 100k+ daily brute-force attacks on RDP during COVID-19 lockdown

Unsigned Firmware running on peripherals could expose Windows, Linux systems to hack

Cisco fixes 34 High-Severity flaws in IOS and IOS XE software

API Security and Hackers: What?s the Need?

Stored XSS in WP Product Review Lite plugin allows for automated takeovers

A critical flaw in Rank Math WordPress plugin allows hackers to give users Admins privileges

Experts disclose tens of flaws in Zyxel Cloud CNM SecuManager, includes dangerous backdoors

Cisco addresses flaws in its products, including Small Business routers and Webex

Hackers target Docker servers to deploy the new Kinsing cryptocurrency miner

Experts found a critical vulnerability in the NSA Ghidra tool

US Govt agencies detail North Korea-linked HIDDEN COBRA malware

Credential-stealing malware disguises itself as Telegram, targets social media users

HP Device Manager flaws expose Windows systems to hack

PoC exploit code for Apache Solr RCE flaw is available online

Zero-day in popular Yuzo Related Posts WordPress Plugin exploited in the wild

US govt agencies share details of the China-linked espionage malware Taidoor

A daily average of 80,000 printers exposed online via IPP

CISA’s advisory warns of notable increase in LokiBot malware

The strengths and weaknesses of different VPN protocols

Visa warns of new sophisticated credit card skimmer dubbed Baka

Zyxel addresses Zero-Day vulnerability in NAS devices

Stay Connected