Security Affairs

MARCH 29, 2024

Cisco warns customers of password-spraying attacks that have been targeting Remote Access VPN (RAVPN) services of Cisco Secure Firewall devices. Cisco is warning customers of password-spraying attacks that have been targeting Remote Access VPN (RAVPN) services configured on Cisco Secure Firewall devices.

Firewall 138

Firewall Passwords VPN Authentication 138

The Hacker News

JUNE 25, 2021

Taiwanese networking equipment company Zyxel is warning customers of an ongoing attack targeting a "small subset" of its security products such as firewall and VPN servers.

Firewall 144

Firewall VPN 144

Security Affairs

APRIL 1, 2022

Zyxel issued security updates for a critical vulnerability that affects some of its business firewall and VPN devices. Networking equipment vendor Zyxel has pushed security updates for a critical flaw, tracked as CVE-2022-0342 (CVSS 9.8), that affects some of its business firewall and VPN products. Patch 1 VPN ZLD V4.30

Firewall 111

Firewall VPN Firmware Authentication 111

Security Affairs

FEBRUARY 27, 2024

Taiwanese vendor Zyxel warns of security vulnerabilities in its firewalls and access points, including a remote code execution flaw. Taiwanese networking vendor Zyxel addressed four vulnerabilities, respectively tracked as CVE-2023-6397 , CVE-2023-6398 , CVE-2023-6399 , and CVE-2023-6764 , in its firewalls and access points.

Firewall 141

Firewall VPN Authentication Hacking 141

Bleeping Computer

APRIL 6, 2022

American cybersecurity company Palo Alto Networks warned customers on Wednesday that some of its firewall, VPN, and XDR products are vulnerable to a high severity OpenSSL infinite loop bug disclosed three weeks ago [.].

Firewall 145

Firewall VPN Cybersecurity 145

Bleeping Computer

MARCH 28, 2024

Cisco has shared a set of recommendations for customers to mitigate password-spraying attacks that have been targeting Remote Access VPN (RAVPN) services configured on Cisco Secure Firewall devices. [.]

VPN 137

VPN Passwords Firewall 137

Bleeping Computer

MAY 25, 2023

Zyxel is warning customers of two critical-severity vulnerabilities in several of its firewall and VPN products that attackers could leverage without authentication. [.]

Firewall 104

Firewall VPN Authentication 104

Security Affairs

MAY 25, 2023

Zyxel fixed two critical flaws in multiple firewall and VPN products that can lead to remote code execution or cause a DoS condition. Zyxel addressed two critical buffer overflow vulnerabilities, tracked as CVE-2023-33009 and CVE-2023-33010 , that affect several of its firewall and VPN products. Patch 2 VPN ZLD V4.30

Firewall 98

Firewall VPN Authentication Hacking 98

Malwarebytes

MARCH 11, 2021

Virtual Private Networks ( VPN s) are popular but often misunderstood. VPNs are for illegal activity. Some people think that VPNs are only useful for doing things like torrenting, accessing geo-locked content, or getting around work/school/government firewalls. I don’t need a mobile VPN.

VPN 144

VPN Encryption Mobile Surveillance 144

Security Boulevard

JULY 30, 2024

Firewalls and VPN appliances are critical gateways. Like all on-prem systems, a vulnerability can lead to a compromise that is used to open the door for attackers. The post If You are Reachable, You Are Breachable, and Firewalls & VPNs are the Front Door appeared first on Security Boulevard.

Firewall 122

Firewall VPN Security Awareness Cybersecurity 122

Security Affairs

MAY 8, 2024

TunnelVision is a new VPN bypass technique that enables threat actors to spy on users’ traffic bypassing the VPN encapsulation. Leviathan Security researchers recently identified a novel attack technique, dubbed TunnelVision, to bypass VPN encapsulation. The researchers referred to this result as “decloaking.”

VPN 140

VPN Firewall Marketing Encryption 140

Security Affairs

APRIL 16, 2024

Cisco Talos warns of large-scale brute-force attacks against a variety of targets, including VPN services, web application authentication interfaces and SSH services.

VPN 143

VPN Firewall Authentication Hacking 143

Tech Republic Security

SEPTEMBER 19, 2022

Grab a special deal on the secure Ivacy virtual private network and NAT firewall today. The post Get a lifetime of VPN protection for just $60 appeared first on TechRepublic.

VPN 132

VPN Firewall Software Network Security 132

The Hacker News

NOVEMBER 10, 2021

A new zero-day vulnerability has been disclosed in Palo Alto Networks GlobalProtect VPN that could be abused by an unauthenticated network-based attacker to execute arbitrary code on affected devices with root user privileges. Tracked as CVE-2021-3064 (CVSS score: 9.8), the security weakness impacts PAN-OS 8.1

VPN 143

VPN Firewall Cybersecurity 143

Security Affairs

MAY 26, 2022

Zyxel addressed multiple vulnerabilities impacting many of its products, including APs, AP controllers, and firewalls. Zyxel has released security updates to address multiple vulnerabilities affecting multiple products, including firewall, AP, and AP controller products. Follow me on Twitter: @securityaffairs and Facebook.

Firewall 143

Firewall VPN Authentication Cyber Attacks 143

Security Affairs

OCTOBER 16, 2020

The Tripwire VERT security team spotted almost 800,000 SonicWall VPN appliances exposed online that are vulnerable to the CVE-2020-5135 RCE flaw. Security experts from the Tripwire VERT security team have discovered 795,357 SonicWall VPN appliances that were exposed online that are vulnerable to the CVE-2020-5135 RCE flaw.

VPN 144

VPN Firewall Advertising Internet 144

Security Affairs

NOVEMBER 25, 2024

Zyxel warns that a ransomware group has been observed exploiting a recently patched command injection issue in its firewalls. Zyxel warns that a ransomware gang has been observed exploiting a recently patched command injection vulnerability, tracked as CVE-2024-42057, in its firewalls for initial compromise.

Firewall 83

Firewall Ransomware VPN Firmware 83

The Hacker News

MAY 25, 2023

Zyxel has released software updates to address two critical security flaws affecting select firewall and VPN products that could be abused by remote attackers to achieve code execution. Both the flaws – CVE-2023-33009 and CVE-2023-33010 – are buffer overflow vulnerabilities and are rated 9.8 out of 10 on the CVSS scoring system.

Firewall 100

Firewall VPN Software 100

Security Affairs

MAY 29, 2024

Check Point released hotfixes for a VPN zero-day vulnerability, tracked as CVE-2024-24919, which is actively exploited in attacks in the wild. Check Point released hotfixes to address a VPN zero-day vulnerability, tracked as CVE-2024-24919 , which is actively being exploited in attacks in the wild. Impacted versions are R80.20.x,

VPN 133

VPN Passwords Authentication Accountability 133

Security Affairs

SEPTEMBER 29, 2021

CISA and the NSA agencies have published guidance for securely using virtual private network (VPN) solutions. Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have released guidance for increasing the security of virtual private network (VPN) solutions.

VPN 145

VPN Government Firmware Authentication 145

Security Affairs

MAY 21, 2020

Hackers attempted to exploit a zero-day flaw in the Sophos XG firewall to distribute ransomware to Windows machines, but the attack was blocked. It was designed to download payloads intended to exfiltrate XG Firewall-resident data. Sophos was informed of the attacks exploiting the zero-day issue by one of its customers on April 22.

Firewall 145

Firewall Ransomware Passwords VPN 145

Cisco Security

APRIL 6, 2022

“I so look forward to the next firewall hardware upgrade cycle!”. – If I learned one thing from my firewall customers over the many years, it would be that they like to upgrade their hardware appliances as much as an average consumer likes to shop for a new car. This is how the new mid-range Secure Firewall 3100 Series was born.

Firewall 130

Firewall Architecture Encryption VPN 130

Security Affairs

JULY 16, 2020

Cisco has released security updates to address critical remote code execution (RCE), authentication bypass, and static default credential vulnerabilities affecting multiple router and firewall devices. The post Cisco fixes 5 critical flaws that could allow router firewall takeover appeared first on Security Affairs.

Firewall 138

Firewall Small Business Wireless Advertising 138

IT Security Guru

JANUARY 3, 2024

A reliable VPN provider always maintains a DDoS-protected server. In this article, we will continue to explore how a VPN can fortify your Twitch stream. This method is employed by hackers to overwhelm routers and firewalls with an excessive number of network connections. Use different forms of VPN.

DDOS 132

DDOS VPN Internet Internet 132

Krebs on Security

MARCH 20, 2020

In February, hardware maker Zyxel fixed a zero-day vulnerability in its routers and VPN firewall products after KrebsOnSecurity told the company the flaw was being abused by attackers to break into devices. which boasts some 100 million devices deployed worldwide.

IoT 266

IoT DDOS VPN Firewall 266

Security Affairs

DECEMBER 11, 2024

has charged a Chinese national for hacking thousands of Sophos firewall devices worldwide in 2020. has charged the Chinese national Guan Tianfeng (aka gbigmao and gxiaomao) for hacking thousands of Sophos firewall devices worldwide in 2020. It was designed to download payloads intended to exfiltrate XG Firewall-resident data.

Firewall 84

Firewall Hacking Malware Passwords 84

Malwarebytes

JUNE 28, 2021

In layman’s terms, a VPN uses encryption to create a private online connection between a device and a VPN server. With a good VPN service, you can shield your data from curious eyes. The type of VPN protocol that you use can affect the speed, stability, ease of use, security, and privacy of your connection.

VPN 131

VPN Encryption Advertising Firewall 131

Cisco Security

JUNE 15, 2021

As a network and workload security strategy leader, I spend a lot of time thinking about the future of the good old network firewall. Spoiler alert: I’m not going to join the cool club of pronouncing the firewall dead. The two main problems for the firewall to overcome in all those new deployment scenarios are insertion and visibility.

Firewall 130

Firewall Software Network Security Encryption 130

eSecurity Planet

NOVEMBER 4, 2021

We use passwords to authenticate our users, run antivirus to keep malware off our endpoints , monitor our networks, and implement firewalls so we can have multiple defenses against attackers. Also read: Fine-tuning Firewall Rules: 10 Best Practices. VPNs remain vulnerable to stolen credentials , zero-day attacks , and sloppy updating.

VPN 123

VPN Firewall Encryption Passwords 123

Bleeping Computer

JUNE 22, 2021

New findings have emerged that shed light on a critical SonicWall vulnerability disclosed last year, which affected over 800,000 VPN firewalls and was initially thought to have been patched.

Firewall 123

Firewall VPN 123

Security Affairs

DECEMBER 3, 2023

Taiwanese vendor Zyxel addressed tens of vulnerabilities in its firewalls and access points. CVE-2023-35139 – A cross-site scripting (XSS) vulnerability in the CGI program of some firewall versions could allow an unauthenticated LAN-based attacker to store malicious scripts in a vulnerable device.

Firewall 137

Firewall Authentication VPN Cyber Attacks 137

SecureWorld News

SEPTEMBER 4, 2022

VPNs or Virtual Private Networks were born out of necessity for businesses to keep their data safe while employees accessed these private networks. Unlike the original PPTP protocol, VPN allows many users and devices simultaneous access to private networks across a very public internet.

VPN 138

VPN Internet Internet Encryption 138

eSecurity Planet

FEBRUARY 9, 2024

A next generation firewall (NGFW) performs deep packet inspection to check the contents of the data flowing through the firewall. Unlike more basic firewalls that only check the header of data packets, NGFWs examine and evaluate the payload data within the packet. Who Needs a Next-Gen Firewall?

Firewall 112

Firewall Encryption Malware Artificial Intelligence 112

Security Affairs

NOVEMBER 11, 2021

Palo Alto Networks warns of an easy exploitable Remote Code Execution vulnerability in its GlobalProtect VPN product. Exploitation of these together yields remote code execution under the privileges of the affected component on the firewall device.” SecurityAffairs – hacking, GlobalProtect VPN ). Pierluigi Paganini.

VPN 135

VPN Firewall Internet Internet 135

Security Affairs

APRIL 24, 2024

Nation-state actor UAT4356 has been exploiting two zero-days in ASA and FTD firewalls since November 2023 to breach government networks. Additionally, Line Dancer hooks into the crash dump and AAA processes to evade forensic analysis and establish remote access VPN tunnels.

Firewall 138

Firewall Government VPN Authentication 138

Security Affairs

SEPTEMBER 8, 2023

CISA warned that nation-state actors are exploiting flaws in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus. Cybersecurity and Infrastructure Security Agency (CISA) warned that nation-state actors are exploiting security vulnerabilities in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus.

VPN 143

VPN Firewall Accountability Cybersecurity 143

Security Affairs

NOVEMBER 21, 2024

Threat actors already hacked thousands of Palo Alto Networks firewalls exploiting recently patched zero-day vulnerabilities. Thousands of Palo Alto Networks firewalls have reportedly been compromised in attacks exploiting recently patched zero-day vulnerabilities ( CVE-2024-0012 and CVE-2024-9474 ) in PAN-OS. This week, the U.S.

Firewall 120

Firewall Hacking VPN Cybersecurity 120