Security Affairs

JUNE 24, 2021

Networking equipment giant Zyxel warns customers of a series of attacks that have been targeting some of its enterprise firewall and VPN devices. Networking equipment vendor Zyxel warned its customers of a series of attacks that have been targeting some of its enterprise firewall and VPN server solutions.

VPN 143

VPN Firewall Firmware Authentication 143

Bleeping Computer

FEBRUARY 7, 2021

The vulnerabilities range from Remote Code Execution to SQL Injection, to Denial of Service (DoS) and impact the FortiProxy SSL VPN and FortiWeb Web Application Firewall (WAF) products. [.]. Fortinet has fixed multiple severe vulnerabilities impacting its products.

Firewall 142

Firewall VPN Technology 142

Penetration Testing

JANUARY 15, 2025

Cybersecurity expert Kevin Beaumont has reported that over 15,000 FortiGate firewall configurations, including VPN credentials, have been publicly The post 15,000 FortiGate Firewalls Exposed: Massive Leak Includes VPN Credentials appeared first on Cybersecurity News.

Firewall 115

Firewall VPN Cybersecurity 115

Security Affairs

JANUARY 1, 2021

Impacted devices include Unified Security Gateway (USG), ATP, USG FLEX and VPN firewalls products. Affected product series Patch available in Firewalls ATP series running firmware ZLD V4.60 2020 VPN series running firmware ZLD V4.60 Someone could for example change firewall settings to allow or block certain traffic.

Firewall 145

Firewall VPN Firmware Passwords 145

Security Affairs

MARCH 14, 2025

Operators behind the SuperBlack ransomware exploited two vulnerabilities in Fortinet firewalls for recent attacks. “When the firewall had VPN capabilities, the threat actor created local VPN user accounts with names resembling legitimate accounts but with an added digit at the end. ” reads the report.

Firewall 66

Firewall Ransomware VPN Encryption 66

Cisco Security

DECEMBER 14, 2022

Introduction to Cisco Secure Firewall 7.3. Cisco’s latest release of Secure Firewall operating system, Secure Firewall Threat Defence Version 7.3, addresses key concerns for today’s firewall customers. allows for the fingerprinting of traffic that is using the QUIC Protocol in Secure Firewall 7.3.

Firewall 145

Firewall VPN Encryption DNS 145

Security Affairs

APRIL 19, 2025

Arctic Wolf has uncovered an active campaign, running from January to April 2025, targeting SonicWall SMA 100 series appliances to steal VPN credentials. “It is important to note that even fully patched firewall devices may still become compromised if accounts use poor password hygiene.”

Passwords 106

Passwords VPN Firewall Accountability 106

Security Affairs

NOVEMBER 16, 2024

Palo Alto Networks confirmed active exploitation of a zero-day in its PAN-OS firewall and released new indicators of compromise (IoCs). Last week, Palo Alto Networks warned customers to limit access to their next-gen firewall management interface due to a potential remote code execution vulnerability (CVSSv4.0 Base Score: 9.3)

Firewall 126

Firewall Internet Internet VPN 126

Cisco Security

MAY 26, 2021

This is where Cisco Secure Firewall Cloud Native (SFCN) comes in. Cisco Secure Firewall Cloud Native brings together the benefits of Kubernetes and Cisco’s industry-leading security technologies, providing a resilient architecture for infrastructure security at scale. Redis DB: The Redis database has information on VPN sessions.

Firewall 132

Firewall VPN Architecture DNS 132

The Hacker News

JANUARY 14, 2025

Threat hunters are calling attention to a new campaign that has targeted Fortinet FortiGate firewall devices with management interfaces exposed on the public internet.

Firewall 143

Firewall VPN Accountability Authentication 143

Tech Republic Security

SEPTEMBER 19, 2022

Grab a special deal on the secure Ivacy virtual private network and NAT firewall today. The post Get a lifetime of VPN protection for just $60 appeared first on TechRepublic.

VPN 148

VPN Firewall Software Network Security 148

Cisco Security

JULY 9, 2021

With Cisco Secure Firewall, organizations are able to build a scalable RAVPN architecture on OCI, providing employees secure remote access to their organization’s resources from any location or endpoint. Design 1 – Load balance RAVPN sessions to multiple firewalls using OCI DNS service. DNS provides an FQDN (example.vpn.com).

Firewall 142

Firewall Architecture DNS VPN 142

Bleeping Computer

APRIL 6, 2022

American cybersecurity company Palo Alto Networks warned customers on Wednesday that some of its firewall, VPN, and XDR products are vulnerable to a high severity OpenSSL infinite loop bug disclosed three weeks ago [.].

Firewall 145

Firewall VPN Cybersecurity 145

The Hacker News

JUNE 25, 2021

Taiwanese networking equipment company Zyxel is warning customers of an ongoing attack targeting a "small subset" of its security products such as firewall and VPN servers.

Firewall 138

Firewall VPN 138

Bleeping Computer

MAY 25, 2023

Zyxel is warning customers of two critical-severity vulnerabilities in several of its firewall and VPN products that attackers could leverage without authentication. [.]

Firewall 104

Firewall VPN Authentication 104

Security Affairs

MAY 25, 2023

Zyxel fixed two critical flaws in multiple firewall and VPN products that can lead to remote code execution or cause a DoS condition. Zyxel addressed two critical buffer overflow vulnerabilities, tracked as CVE-2023-33009 and CVE-2023-33010 , that affect several of its firewall and VPN products. Patch 2 VPN ZLD V4.30

Firewall 98

Firewall VPN Authentication Hacking 98

Security Affairs

OCTOBER 25, 2024

is a Denial of Service (DoS) issue that impacts the Remote Access VPN (RAVPN) service of ASA and FTD. An attacker could exploit this vulnerability by sending a large number of VPN authentication requests to an affected device. Services that are not related to VPN are not affected.” reads the advisory. continues the advisory.

VPN 112

VPN Firewall Technology Passwords 112

Security Boulevard

JULY 30, 2024

Firewalls and VPN appliances are critical gateways. Like all on-prem systems, a vulnerability can lead to a compromise that is used to open the door for attackers. The post If You are Reachable, You Are Breachable, and Firewalls & VPNs are the Front Door appeared first on Security Boulevard.

Firewall 122

Firewall VPN Security Awareness Cybersecurity 122

Malwarebytes

MARCH 11, 2021

Virtual Private Networks ( VPN s) are popular but often misunderstood. VPNs are for illegal activity. Some people think that VPNs are only useful for doing things like torrenting, accessing geo-locked content, or getting around work/school/government firewalls. I don’t need a mobile VPN.

VPN 144

VPN Encryption Mobile Surveillance 144

Cisco Security

APRIL 6, 2022

“I so look forward to the next firewall hardware upgrade cycle!”. – If I learned one thing from my firewall customers over the many years, it would be that they like to upgrade their hardware appliances as much as an average consumer likes to shop for a new car. This is how the new mid-range Secure Firewall 3100 Series was born.

Firewall 145

Firewall Architecture Encryption VPN 145

Cisco Security

SEPTEMBER 27, 2021

Secure Firewall Threat Defense 7.0 Secure Firewall Threat Defense 7.0 For Cisco Secure Firewall 1000, 2100, 4100 and 9300 series, updating your firewall to Threat Defense 7.0 For Cisco Secure Firewall 1000, 2100, 4100 and 9300 series, updating your firewall to Threat Defense 7.0

Firewall 135

Firewall VPN Mobile Encryption 135

Security Affairs

MAY 26, 2022

Zyxel addressed multiple vulnerabilities impacting many of its products, including APs, AP controllers, and firewalls. Zyxel has released security updates to address multiple vulnerabilities affecting multiple products, including firewall, AP, and AP controller products. Follow me on Twitter: @securityaffairs and Facebook.

Firewall 140

Firewall VPN Authentication Cyber Attacks 140

Security Affairs

MARCH 29, 2024

Cisco warns customers of password-spraying attacks that have been targeting Remote Access VPN (RAVPN) services of Cisco Secure Firewall devices. Cisco is warning customers of password-spraying attacks that have been targeting Remote Access VPN (RAVPN) services configured on Cisco Secure Firewall devices.

Firewall 131

Firewall Passwords VPN Authentication 131

Bleeping Computer

MARCH 28, 2024

Cisco has shared a set of recommendations for customers to mitigate password-spraying attacks that have been targeting Remote Access VPN (RAVPN) services configured on Cisco Secure Firewall devices. [.]

VPN 136

VPN Passwords Firewall 136

Security Affairs

OCTOBER 16, 2020

The Tripwire VERT security team spotted almost 800,000 SonicWall VPN appliances exposed online that are vulnerable to the CVE-2020-5135 RCE flaw. Security experts from the Tripwire VERT security team have discovered 795,357 SonicWall VPN appliances that were exposed online that are vulnerable to the CVE-2020-5135 RCE flaw.

VPN 142

VPN Firewall Advertising Internet 142

The Hacker News

NOVEMBER 10, 2021

A new zero-day vulnerability has been disclosed in Palo Alto Networks GlobalProtect VPN that could be abused by an unauthenticated network-based attacker to execute arbitrary code on affected devices with root user privileges. Tracked as CVE-2021-3064 (CVSS score: 9.8), the security weakness impacts PAN-OS 8.1

VPN 134

VPN Firewall Cybersecurity 134

The Hacker News

MAY 25, 2023

Zyxel has released software updates to address two critical security flaws affecting select firewall and VPN products that could be abused by remote attackers to achieve code execution. Both the flaws – CVE-2023-33009 and CVE-2023-33010 – are buffer overflow vulnerabilities and are rated 9.8 out of 10 on the CVSS scoring system.

Firewall 98

Firewall VPN Software 98

Krebs on Security

MARCH 20, 2020

In February, hardware maker Zyxel fixed a zero-day vulnerability in its routers and VPN firewall products after KrebsOnSecurity told the company the flaw was being abused by attackers to break into devices. which boasts some 100 million devices deployed worldwide.

IoT 285

IoT DDOS VPN Firewall 285

Security Affairs

SEPTEMBER 29, 2021

CISA and the NSA agencies have published guidance for securely using virtual private network (VPN) solutions. Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have released guidance for increasing the security of virtual private network (VPN) solutions.

VPN 144

VPN Government Firmware Authentication 144

Security Affairs

FEBRUARY 27, 2024

Taiwanese vendor Zyxel warns of security vulnerabilities in its firewalls and access points, including a remote code execution flaw. Taiwanese networking vendor Zyxel addressed four vulnerabilities, respectively tracked as CVE-2023-6397 , CVE-2023-6398 , CVE-2023-6399 , and CVE-2023-6764 , in its firewalls and access points.

Firewall 136

Firewall VPN Authentication Hacking 136

Cisco Security

NOVEMBER 29, 2021

With traditional firewalls, network security teams are charged with the heavy lifting of deploying new solutions. According to Gartner, by 2025, 30% of new deployments of distributed branch-office firewalls will switch to firewall-as-a-service, up from less than 10% in 2021. Introduction. Starting with version 7.1

Firewall 145

Firewall Network Security Architecture VPN 145

Cisco Security

JUNE 16, 2021

Organizations rely on Cisco Secure Firewall Threat Defense Virtual (formerly FTDv/NGFWv), Cisco’s proven network firewall with IPS, URL filtering, and malware defense that protects virtualized environments in private and public clouds. Additionally, we are introducing performance tiers for Secure Firewall Threat Defense Virtual.

Firewall 135

Firewall VPN Software Network Security 135

Security Affairs

APRIL 16, 2024

Cisco Talos warns of large-scale brute-force attacks against a variety of targets, including VPN services, web application authentication interfaces and SSH services.

VPN 140

VPN Firewall Authentication Hacking 140

Security Affairs

MAY 29, 2024

Check Point released hotfixes for a VPN zero-day vulnerability, tracked as CVE-2024-24919, which is actively exploited in attacks in the wild. Check Point released hotfixes to address a VPN zero-day vulnerability, tracked as CVE-2024-24919 , which is actively being exploited in attacks in the wild. Impacted versions are R80.20.x,

VPN 125

VPN Passwords Authentication Accountability 125

Security Affairs

MAY 8, 2024

TunnelVision is a new VPN bypass technique that enables threat actors to spy on users’ traffic bypassing the VPN encapsulation. Leviathan Security researchers recently identified a novel attack technique, dubbed TunnelVision, to bypass VPN encapsulation. The researchers referred to this result as “decloaking.”

VPN 133

VPN Firewall Marketing Encryption 133

Malwarebytes

JUNE 28, 2021

In layman’s terms, a VPN uses encryption to create a private online connection between a device and a VPN server. With a good VPN service, you can shield your data from curious eyes. The type of VPN protocol that you use can affect the speed, stability, ease of use, security, and privacy of your connection.

VPN 131

VPN Encryption Advertising Firewall 131

Security Boulevard

APRIL 17, 2025

The Old Guard: Firewalls, VPNs and Exposed Control Planes Cyberattacks have evolved beyond the perimeter. No longer limited to opportunistic breaches, attackers are now executing coordinated campaigns that target the very foundations of enterprise network infrastructure firewalls, VPNs, and control planes. The takeaway?

Firewall 64

Firewall VPN Encryption Architecture 64