Security Affairs

NOVEMBER 25, 2024

Zyxel warns that a ransomware group has been observed exploiting a recently patched command injection issue in its firewalls. Zyxel warns that a ransomware gang has been observed exploiting a recently patched command injection vulnerability, tracked as CVE-2024-42057, in its firewalls for initial compromise.

Firewall 73

Firewall Ransomware VPN Firmware 73

Security Affairs

JANUARY 14, 2025

Experts warn of a new campaign targeting an alleged zero-day in Fortinet FortiGate firewalls with management interfaces exposed online. Arctic Wolf researchers observed a campaign targeting Fortinet FortiGate firewalls with exposed management interfaces, likely exploiting a zero-day vulnerability. ” continues the advisory.

Firewall 81

Firewall VPN Accountability Firmware 81

Security Affairs

MARCH 14, 2025

Operators behind the SuperBlack ransomware exploited two vulnerabilities in Fortinet firewalls for recent attacks. “When the firewall had VPN capabilities, the threat actor created local VPN user accounts with names resembling legitimate accounts but with an added digit at the end. 13.73.13.73, 8.8.8.8, ” reads the report.

Firewall 65

Firewall Ransomware VPN Encryption 65

Schneier on Security

MAY 16, 2024

ZTDNS aims to solve this decades-old problem by integrating the Windows DNS engine with the Windows Filtering Platform—the core component of the Windows Firewall—directly into client devices. ” By default, the firewall will deny resolutions to all domains except those enumerated in allow lists. ”

DNS 328

DNS Firewall Engineering Network Security 328

Security Affairs

JANUARY 8, 2025

SonicWall warns customers to address an authentication bypass vulnerability in its firewall’s SonicOS that is “susceptible to actual exploitation.” All customers are encouraged to upgrade their firewalls to the latest MR listed below.” hardware firewalls: SonicOS 6.5.5.1-6n NSv firewalls: SonicOS 6.5.4.v-21s-RC2457

Firewall 113

Firewall Firmware VPN Authentication 113

Tech Republic Security

MARCH 27, 2024

DNS FireWall is an intuitive security app built to protect you and your business from malware, phishing, botnets and more security threats.

Firewall 147

Firewall DNS Phishing Malware 147

Penetration Testing

NOVEMBER 15, 2024

Today, Palo Alto Networks, a leading cybersecurity firm, has issued an urgent update to a recent security advisory, raising the severity level to “Critical” after observing active exploitation of a... The post Palo Alto Networks Raises Alarm on Firewall Vulnerability Following Active Exploitation appeared first on Cybersecurity (..)

Firewall 60

Firewall Cybersecurity 60

Security Affairs

DECEMBER 27, 2024

An unauthenticated attacker can exploit this vulnerability to reboot the firewall by sending a malicious packet through its data plane. Repeated exploitation forces the firewall into maintenance mode. Repeated attempts to trigger this condition will cause the firewall to enter maintenance mode.” ” reads the advisory.

DNS 112

DNS Firewall Spyware Software 112

Security Affairs

APRIL 11, 2024

Palo Alto Networks fixed several vulnerabilities in its PAN-OS operating system, including 3 issues that can trigger a DoS condition on its firewalls. Repeated attacks can eventually trigger a DoS condition by forcing the firewall into maintenance mode, requiring manual intervention to restore online functionality.

Firewall 136

Firewall Software Engineering Authentication 136

The Hacker News

JANUARY 14, 2025

Threat hunters are calling attention to a new campaign that has targeted Fortinet FortiGate firewall devices with management interfaces exposed on the public internet.

Firewall 144

Firewall VPN Authentication Accountability 144

Security Affairs

NOVEMBER 16, 2024

Palo Alto Networks confirmed active exploitation of a zero-day in its PAN-OS firewall and released new indicators of compromise (IoCs). Last week, Palo Alto Networks warned customers to limit access to their next-gen firewall management interface due to a potential remote code execution vulnerability (CVSSv4.0 Base Score: 9.3)

Firewall 125

Firewall Internet Internet VPN 125

Penetration Testing

JANUARY 26, 2025

Eclypsium researchers have uncovered multiple critical vulnerabilities in several Palo Alto Networks (PAN) next-generation firewalls (NGFWs). This report The post Palo Alto Networks Firewalls Exposed: BootHole and Other Critical Flaws Uncovered appeared first on Cybersecurity News.

Firewall 56

Firewall Cybersecurity 56

Penetration Testing

NOVEMBER 4, 2024

This backdoor malware, discovered on Sophos XG... The post Pygmy Goat Malware: A Sophisticated Network Device Backdoor Targets Firewalls appeared first on Cybersecurity News. In a recent report by the National Cyber Security Centre (NCSC), analysts detailed a new malware threat targeting network devices, dubbed “Pygmy Goat.”

Firewall 62

Firewall Malware Cybersecurity 62

The Hacker News

NOVEMBER 16, 2024

Palo Alto Networks has released new indicators of compromise (IoCs) a day after the network security vendor confirmed that a new zero-day vulnerability impacting its PAN-OS firewall management interface has been actively exploited in the wild.

Firewall 138

Firewall Network Security 138

Security Affairs

NOVEMBER 8, 2024

Palo Alto Networks warns customers to restrict access to their next-generation firewalls because of a potential RCE flaw in the PAN-OS management interface. Palo Alto Networks warns customers to limit access to their next-gen firewall management interface due to a potential remote code execution vulnerability in PAN-OS.

Firewall 115

Firewall Authentication Internet Internet 115

Security Affairs

AUGUST 26, 2024

SonicWall addressed a critical flaw in its firewalls that could allow attackers to achieve unauthorized access to the devices. SonicWall has released security updates to address a critical vulnerability, tracked as CVE-2024-40766 (CVSS score: 9.3), in its firewalls. 13o Gen 6 Firewalls – 6.5.2.8-2n 5035 and older versions.”

Firewall 124

Firewall Firmware Malware Internet 124

The Hacker News

JANUARY 23, 2025

An exhaustive evaluation of three firewall models from Palo Alto Networks has uncovered a host of known security flaws impacting the devices' firmware as well as misconfigured security features. These weren't obscure, corner-case vulnerabilities," security vendor Eclypsium said in a report shared with The Hacker News.

Firmware 142

Firmware Firewall 142

Security Affairs

JANUARY 15, 2025

. “The build date coded in the last number block also points to the same date range: None of the firewall firmwares examined had been compiled after September 14, 2022.” “As many as 80 different device types can be found in the data leak, with the FortiGate Firewall 40F and 60F being the most widespread.

VPN 129

VPN Passwords Firewall Firmware 129

Security Affairs

MAY 1, 2024

The threat actors appear to have the capability to control China’s Great Firewall and were observed utilizing a novel technique involving fake DNS MX records. The experts noticed a spike in activity observed in September 2023. However, the Infoblox researchers have yet to discover the motivation behind the attacks.

DNS 140

DNS Firewall DDOS Hacking 140

Security Affairs

JANUARY 15, 2024

Researchers from Bishop Fox found over 178,000 SonicWall next-generation firewalls (NGFW) publicly exploitable. Researchers from Bishop Fox used BinaryEdge source data to find SonicWall firewalls with management interfaces exposed to the internet.

Firewall 143

Firewall Hacking Firmware Internet 143

Security Affairs

FEBRUARY 27, 2024

Taiwanese vendor Zyxel warns of security vulnerabilities in its firewalls and access points, including a remote code execution flaw. Taiwanese networking vendor Zyxel addressed four vulnerabilities, respectively tracked as CVE-2023-6397 , CVE-2023-6398 , CVE-2023-6399 , and CVE-2023-6764 , in its firewalls and access points.

Firewall 136

Firewall VPN Authentication Hacking 136

The Hacker News

MAY 30, 2024

The threat actors behind the RedTail cryptocurrency mining malware have added a recently disclosed security flaw impacting Palo Alto Networks firewalls to its exploit arsenal.

Firewall 131

Firewall Malware Cryptocurrency 131

The Hacker News

AUGUST 26, 2024

SonicWall has released security updates to address a critical flaw impacting its firewalls that, if successfully exploited, could grant malicious actors unauthorized access to the devices. The vulnerability, tracked as CVE-2024-40766 (CVSS score: 9.3), has been described as an improper access control bug. "An

Firewall 131

Firewall 131

Security Boulevard

JULY 30, 2024

Firewalls and VPN appliances are critical gateways. Like all on-prem systems, a vulnerability can lead to a compromise that is used to open the door for attackers. The post If You are Reachable, You Are Breachable, and Firewalls & VPNs are the Front Door appeared first on Security Boulevard.

Firewall 122

Firewall VPN Security Awareness Cybersecurity 122

Penetration Testing

FEBRUARY 20, 2025

A Google researcher has disclosed details and a proof-of-concept (PoC) exploit for a vulnerability (CVE-2025-0110) in Palo Alto The post Google Releases PoC for CVE-2025-0110 Command Injection in PAN-OS Firewalls appeared first on Cybersecurity News.

Firewall 136

Firewall Cybersecurity 136

Penetration Testing

AUGUST 22, 2024

The vulnerability, which carries a CVSS score... The post SonicWall Issues Urgent Patch for Critical Firewall Vulnerability (CVE-2024-40766) appeared first on Cybersecurity News.

Firewall 128

Firewall Network Security Cybersecurity 128

Penetration Testing

JANUARY 15, 2025

Cybersecurity expert Kevin Beaumont has reported that over 15,000 FortiGate firewall configurations, including VPN credentials, have been publicly The post 15,000 FortiGate Firewalls Exposed: Massive Leak Includes VPN Credentials appeared first on Cybersecurity News.

Firewall 110

Firewall VPN Cybersecurity 110

Security Affairs

FEBRUARY 19, 2025

Palo Alto Networks warns that the vulnerability CVE-2025-0111 is actively exploited with two other flaws to compromise PAN-OS firewalls. Palo Alto Networks warns that threat actors are chaining the vulnerability CVE-2025-0111 with two other vulnerabilities, tracked as CVE-2025-0108 with CVE-2024-9474 , to compromise PAN-OS firewalls.

Firewall 105

Firewall Authentication Architecture Internet 105

Security Affairs

OCTOBER 9, 2024

Palo Alto fixed critical flaws in PAN-OS firewalls, warning that attackers could chain these vulnerabilities to hijack the devices. Palo Alto Networks addressed multiple vulnerabilities that an attacker can chain to hijack PAN-OS firewalls. ” reads the advisory. ” reads the advisory.

Firewall 127

Firewall Passwords Authentication Phishing 127

The Hacker News

DECEMBER 20, 2024

Sophos has released hotfixes to address three security flaws in Sophos Firewall products that could be exploited to achieve remote code execution and allow privileged system access under certain conditions. Of the three, two are rated Critical in severity. There is currently no evidence that the shortcomings have been exploited in the wild.

Firewall 113

Firewall 113

Security Affairs

APRIL 24, 2024

Nation-state actor UAT4356 has been exploiting two zero-days in ASA and FTD firewalls since November 2023 to breach government networks.

Firewall 131

Firewall Government VPN Authentication 131

IT Security Guru

MARCH 14, 2025

It provides a firewall that blocks malicious traffic before it reaches your website. It offers a website firewall, which blocks attacks before they can do any harm. All In One WP Security & Firewall This plugin is great for beginners who want an easy way to secure their website.

Cybersecurity 74

Cybersecurity Firewall Cyber Attacks Passwords 74

Penetration Testing

DECEMBER 24, 2024

Northwave Cyber Security has identified a sophisticated backdoor, LITTLELAMB.WOOLTEA, targeting Palo Alto Networks firewalls. The backdoor was uncovered during a forensic investigation into a compromised Palo Alto Networks device.

Firewall 98

Firewall Cybersecurity Malware 98

Security Affairs

NOVEMBER 7, 2024

Palo Alto Networks Expedition is a tool designed to help users transition to and optimize Palo Alto Networks’ next-generation firewalls. It assists with the migration of configurations from other firewall vendors and legacy Palo Alto Networks devices to newer models.

Firewall 124

Firewall Authentication Accountability Risk 124

The Last Watchdog

MARCH 19, 2025

Customers use Knocknoc to protect VPNs and firewalls, IP cameras, payroll systems, file transfer appliances, bastion hosts and other applications and network services. Knocknoc prevents would-be attackers from being able to connect to the types of network devices and applications that are prone to falling victim to zero-day attacks.

Technology 130

Technology Media Telecommunications Authentication 130

Schneier on Security

JULY 3, 2024

Moreover, gaining root access would enable attackers to bypass critical security mechanisms such as firewalls, intrusion detection systems, and logging mechanisms, further obscuring their activities.

Firewall 349

Firewall Data breaches Malware Risk 349

Security Boulevard

DECEMBER 26, 2024

SIEM solutions enable enterprises to monitor and analyze security-related data from a variety of sources, such as firewalls, intrusion detection systems (IDS), and endpoint security devices. What is a SIEM?

Firewall 115

Firewall 115