Security Affairs

JANUARY 15, 2024

Researchers from Bishop Fox found over 178,000 SonicWall next-generation firewalls (NGFW) publicly exploitable. Researchers from Bishop Fox used BinaryEdge source data to find SonicWall firewalls with management interfaces exposed to the internet.

Firewall 143

Firewall Hacking Firmware Internet 143

Security Affairs

MARCH 14, 2025

Operators behind the SuperBlack ransomware exploited two vulnerabilities in Fortinet firewalls for recent attacks. “When the firewall had VPN capabilities, the threat actor created local VPN user accounts with names resembling legitimate accounts but with an added digit at the end. 13.73.13.73, 8.8.8.8, ” reads the report.

Firewall 66

Firewall Ransomware VPN Encryption 66

Security Affairs

NOVEMBER 8, 2024

Palo Alto Networks warns customers to restrict access to their next-generation firewalls because of a potential RCE flaw in the PAN-OS management interface. Palo Alto Networks warns customers to limit access to their next-gen firewall management interface due to a potential remote code execution vulnerability in PAN-OS.

Firewall 116

Firewall Authentication Internet Internet 116

Security Affairs

APRIL 19, 2025

. “It is important to note that even fully patched firewall devices may still become compromised if accounts use poor password hygiene.”

Passwords 106

Passwords VPN Firewall Accountability 106

Security Affairs

FEBRUARY 19, 2025

Palo Alto Networks warns that the vulnerability CVE-2025-0111 is actively exploited with two other flaws to compromise PAN-OS firewalls. Palo Alto Networks warns that threat actors are chaining the vulnerability CVE-2025-0111 with two other vulnerabilities, tracked as CVE-2025-0108 with CVE-2024-9474 , to compromise PAN-OS firewalls.

Firewall 106

Firewall Authentication Architecture Internet 106

Security Affairs

APRIL 11, 2024

Palo Alto Networks fixed several vulnerabilities in its PAN-OS operating system, including 3 issues that can trigger a DoS condition on its firewalls. Palo Alto Networks released security updates to address several high-severity vulnerabilities in its PAN-OS operating system. ” reads the advisory. .’

Firewall 138

Firewall Software Engineering Authentication 138

Security Affairs

JUNE 17, 2022

China-linked threat actors exploited the zero-day flaw CVE-2022-1040 in Sophos Firewall weeks before it was fixed by the security vendor. On March 25, Sophos announced to have fixed the authentication bypass vulnerability, tracked as CVE-2022-1040, that resides in the User Portal and Webadmin areas of Sophos Firewall.

Firewall 144

Firewall DNS Authentication Malware 144

Security Affairs

JANUARY 31, 2021

Experts from Great Firewall Report analyzed recent upgrades to China’s Great Firewall and revealed that it can be circumvented. Members of the Great Firewall Report group have analyzed the recent improvement implemented for China’s Great Firewall censorship system and revealed that it is possible to bypass it.

Firewall 144

Firewall Surveillance Internet Internet 144

Security Affairs

DECEMBER 15, 2023

Security flaws in Netgate pfSense firewall solution can potentially lead to arbitrary code execution on vulnerable devices. pfSense is a popular open-source firewall solution maintained by Netgate, researchers discovered multiple security issues affecting it. ” reads the analysis published by SonarSource.

Firewall 140

Firewall Phishing Authentication Hacking 140

Security Affairs

DECEMBER 9, 2022

Claroty researchers devised a technique for bypassing the web application firewalls (WAF) of several vendors. Researchers at industrial and IoT cybersecurity firm Claroty devised an attack technique for bypassing the web application firewalls (WAF) of several industry-leading vendors. SecurityAffairs – hacking, WAF).

Firewall 143

Firewall Wireless IoT Hacking 143

Security Affairs

MAY 26, 2022

Zyxel addressed multiple vulnerabilities impacting many of its products, including APs, AP controllers, and firewalls. Zyxel has released security updates to address multiple vulnerabilities affecting multiple products, including firewall, AP, and AP controller products. SecurityAffairs – hacking, Zyxel).

Firewall 141

Firewall VPN Authentication Cyber Attacks 141

Security Affairs

AUGUST 26, 2024

SonicWall addressed a critical flaw in its firewalls that could allow attackers to achieve unauthorized access to the devices. SonicWall has released security updates to address a critical vulnerability, tracked as CVE-2024-40766 (CVSS score: 9.3), in its firewalls. 13o Gen 6 Firewalls – 6.5.2.8-2n

Firewall 126

Firewall Firmware Malware Internet 126

Security Affairs

NOVEMBER 7, 2024

CVE-2024-5910 – In July, Palo Alto Networks released security updates to address five security flaws impacting its products, the most severe issue, tracked as CVE-2024-5910 (CVSS score: 9.3), is a missing authentication for a critical function in Palo Alto Networks Expedition that can lead to an admin account takeover.

Firewall 125

Firewall Authentication Accountability Risk 125

Security Affairs

SEPTEMBER 19, 2023

Researchers discovered approximately 12,000 Juniper SRX firewalls and EX switches vulnerable to a recently disclosed CVE-2023-36845 RCE flaw. VulnCheck researchers discovered approximately 12,000 internet-exposed Juniper SRX firewalls and EX switches that are vulnerable to the recently disclosed remote code execution flaw CVE-2023-36845.

Firewall 141

Firewall Internet Internet Authentication 141

Security Affairs

FEBRUARY 27, 2024

Taiwanese vendor Zyxel warns of security vulnerabilities in its firewalls and access points, including a remote code execution flaw. Taiwanese networking vendor Zyxel addressed four vulnerabilities, respectively tracked as CVE-2023-6397 , CVE-2023-6398 , CVE-2023-6399 , and CVE-2023-6764 , in its firewalls and access points.

Firewall 137

Firewall VPN Authentication Hacking 137

Security Affairs

JUNE 24, 2021

Networking equipment giant Zyxel warns customers of a series of attacks that have been targeting some of its enterprise firewall and VPN devices. Networking equipment vendor Zyxel warned its customers of a series of attacks that have been targeting some of its enterprise firewall and VPN server solutions. Pierluigi Paganini.

VPN 143

VPN Firewall Firmware Authentication 143

Security Affairs

FEBRUARY 5, 2021

Security vendor Fortinet has addressed four vulnerabilities in FortiWeb web application firewalls, including a Remote Code Execution flaw. Fortinet has addressed four vulnerabilities in FortiWeb web application firewalls that were reported by Positive Technologies expert Andrey Medov. . SecurityAffairs – hacking, Fortinet).

Firewall 143

Firewall System Administration Technology Hacking 143

Security Affairs

JANUARY 1, 2021

Impacted devices include Unified Security Gateway (USG), ATP, USG FLEX and VPN firewalls products. Affected product series Patch available in Firewalls ATP series running firmware ZLD V4.60 Someone could for example change firewall settings to allow or block certain traffic. SecurityAffairs – hacking, Zyxel).

Firewall 145

Firewall VPN Firmware Passwords 145

Security Affairs

DECEMBER 3, 2023

Taiwanese vendor Zyxel addressed tens of vulnerabilities in its firewalls and access points. CVE-2023-35139 – A cross-site scripting (XSS) vulnerability in the CGI program of some firewall versions could allow an unauthenticated LAN-based attacker to store malicious scripts in a vulnerable device.

Firewall 130

Firewall Authentication VPN Cyber Attacks 130

Security Affairs

MAY 1, 2024

Infoblox researchers observed China-linked threat actors Muddling Meerkat using sophisticated DNS activities since 2019 to bypass traditional security measures and probe networks worldwide. Pierluigi Paganini Follow me on Twitter: @securityaffairs and Facebook and Mastodon ( SecurityAffairs – hacking, DNS)

DNS 141

DNS Firewall DDOS Hacking 141

Security Affairs

OCTOBER 9, 2024

Palo Alto fixed critical flaws in PAN-OS firewalls, warning that attackers could chain these vulnerabilities to hijack the devices. Palo Alto Networks addressed multiple vulnerabilities that an attacker can chain to hijack PAN-OS firewalls. ” reads the advisory. ” reads the advisory.

Firewall 128

Firewall Passwords Authentication Phishing 128

Security Affairs

MARCH 29, 2024

Cisco warns customers of password-spraying attacks that have been targeting Remote Access VPN (RAVPN) services of Cisco Secure Firewall devices. Cisco is warning customers of password-spraying attacks that have been targeting Remote Access VPN (RAVPN) services configured on Cisco Secure Firewall devices.

Firewall 131

Firewall Passwords VPN Authentication 131

Security Affairs

DECEMBER 13, 2023

Sophos backports the patch for CVE-2022-3236 for end-of-life (EOL) firewall firmware versions due to ongoing attacks exploiting the issue. The security firm reported that this vulnerability is being used in attacks against a small set of specific organizations, primarily in South Asia. reads the advisory. “A reads the advisory.

Firmware 131

Firmware Firewall Internet Internet 131

Security Affairs

OCTOBER 29, 2024

The two infostealers allowed operators to harvest usernames, passwords, contact info, and crypto-wallets from victims, the threat actors sold this data to criminals for financial theft and hacking. Update software : Keep your operating system, security software, and firewall up to date to patch vulnerabilities.

Identity Theft 125

Identity Theft Passwords Malware Banking 125

Security Affairs

JANUARY 12, 2024

Juniper Networks fixed a critical pre-auth remote code execution (RCE) flaw, tracked as CVE-2024-21591, in its SRX Series firewalls and EX Series switches. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Juniper ) ” reads the advisory published by the vendor.

Firewall 134

Firewall Hacking Software Information Security 134

Security Affairs

JUNE 25, 2021

Fortinet has recently fixed a high-severity vulnerability affecting its FortiWeb web application firewall (WAF) that can be exploited by remote attackers to execute arbitrary commands. The vulnerability in the management interface of FortiWeb firewall was discovered by Andrey Medov, from cybersecurity firm Positive Technologies.

Hacking 136

Hacking Firewall Authentication Technology 136

Security Affairs

JANUARY 7, 2021

An expert found multiple serious vulnerabilities in Fortinet’s FortiWeb web application firewall (WAF) that could expose corporate networks to hack. The flaws, tracked as CVE-2020-29015 , CVE-2020-29016 , CVE-2020-29018 , and CVE-2020-29019 , have been already addressed by Fortinet with the release of security patches.

Hacking 140

Hacking Firewall Technology Information Security 140

Security Affairs

NOVEMBER 2, 2024

Sophos used custom implants to monitor China-linked thret actors targeting firewall zero-days in a years-long battle. Improved operational security, including disrupting firewall telemetry to hinder detection and minimize their digital footprint.

Firmware 121

Firmware Government Firewall Malware 121

Security Affairs

OCTOBER 13, 2024

The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000!

Data breaches 116

Data breaches Cryptocurrency Cybercrime Artificial Intelligence 116

Security Affairs

DECEMBER 9, 2023

Threat actors hacked a small water utility in Ireland and interrupted the water supply for two days. “Our caretaker went down and when he got to the pumphouse, up on the screen was a sign ‘You have been hacked’. ” Mr Walsh announced that the water facility is currently improving their security systems. .”

Hacking 145

Hacking Firewall Cyber Attacks Media 145

Security Affairs

DECEMBER 6, 2022

Sophos addressed several vulnerabilities affecting its Sophos Firewall version 19.5, Sophos has released security patches to address seven vulnerabilities in Sophos Firewall version 19.5 , including some arbitrary code execution bugs. SecurityAffairs – hacking, code execution flaws). appeared first on Security Affairs.

Firewall 100

Firewall Wireless VPN Hacking 100

Krebs on Security

AUGUST 27, 2024

The advisory placed much of the blame on Versa customers who “failed to implement system hardening and firewall guidelines…leaving a management port exposed on the internet that provided the threat actors with initial access.” Versa said the weakness allows attackers to upload a file of their choosing to vulnerable systems.

Internet 334

Internet Internet Technology Engineering 334

Security Affairs

MAY 25, 2023

Zyxel fixed two critical flaws in multiple firewall and VPN products that can lead to remote code execution or cause a DoS condition. Zyxel addressed two critical buffer overflow vulnerabilities, tracked as CVE-2023-33009 and CVE-2023-33010 , that affect several of its firewall and VPN products. critical severity score of 9.8)

Firewall 98

Firewall VPN Authentication Hacking 98

Security Affairs

APRIL 24, 2024

Nation-state actor UAT4356 has been exploiting two zero-days in ASA and FTD firewalls since November 2023 to breach government networks. ” Pierluigi Paganini Follow me on Twitter: @securityaffairs and Facebook and Mastodon ( SecurityAffairs – hacking, ASA)

Firewall 132

Firewall Government VPN Authentication 132

Security Affairs

DECEMBER 19, 2024

To mitigate the exposure to these threats, users are recommended to change default credentials, use strong passwords, review access logs, employ firewalls and IDS/IPS, and keep firmware up-to-date. Below are actions recommended by Juniper Networks: Strengthen Security Practices : Change default credentials on all SSRs.

DDOS 66

DDOS Firmware Firewall Passwords 66

Security Affairs

NOVEMBER 17, 2024

Agency Warns Employees About Phone Use Amid Ongoing China Hack APT Actors Embed Malware within macOS Flutter Applications The Botnet is Back: SSC STRIKE Team Uncovers a Renewed Cyber Threat Iranian “Dream Job” Campaign 11.24

Cryptocurrency 111

Cryptocurrency Malware Hacking Ransomware 111

Security Affairs

AUGUST 28, 2023

Researchers published a PoC exploit code for Juniper SRX firewall flaws that can be chained to gain RCE in Juniper’s JunOS. watchTowr Labs security researchers published a proof-of-concept exploit (PoC) exploit code for vulnerabilities in Juniper SRX firewalls. In mid-August, Juniper addressed four medium-severity (CVSS 5.3)

Firewall 98

Firewall Authentication Hacking Information Security 98