Security Affairs

SEPTEMBER 29, 2021

CISA and the NSA agencies have published guidance for securely using virtual private network (VPN) solutions. Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have released guidance for increasing the security of virtual private network (VPN) solutions.

VPN 144

VPN Government Firmware Authentication 144

Security Affairs

FEBRUARY 4, 2021

Cisco addressed multiple pre-auth remote code execution (RCE) flaws in small business VPN routers that allow executing arbitrary code as root. Cisco has fixed several pre-auth remote code execution (RCE) issues in multiple small business VPN routers. Cisco has addressed the flaw with the release of firmware version 1.0.01.02

VPN 127

VPN Small Business Wireless Firmware 127

Security Affairs

NOVEMBER 2, 2024

Successful exploitation of these vulnerabilities could allow attackers to steal sensitive data, inject firmware payloads, and even reach LAN-connected devices. Attackers maintained persistence through VPN credentials, Active Directory DCSYNC access, and firmware-hooking methods to survive updates. ” concludes the report.

Firmware 120

Firmware Government Firewall Malware 120

Security Affairs

APRIL 6, 2020

DarkHotel nation-state actor is exploiting a VPN zero -day to breach Chinese government agencies in Beijing and Shanghai. State-sponsored hackers used a zero-day vulnerability in Sangfor SSL VPN servers to gain access to victims’ networks. Up to now, a large number of VPN users have been attacked.” are vulnerable.

VPN 144

VPN Government Advertising Firmware 144

Security Affairs

NOVEMBER 25, 2024

“A command injection vulnerability in the IPSec VPN feature of some firewall versions could allow an unauthenticated attacker to execute some OS commands on an affected device by sending a crafted username to the vulnerable device.” ” The vendor addressed these vulnerabilities with the release of firmware version 5.39

Firewall 73

Firewall Ransomware VPN Firmware 73

Security Affairs

DECEMBER 8, 2020

An unauthenticated command injection vulnerability could be exploited by threat actors to compromise D-Link VPN routers. Security researchers at Digital Defense discovered three vulnerabilities in D-Link VPN routers, including command injection flaws, and an authenticated crontab injection flaw. and earlier. and earlier.

VPN 131

VPN Hacking Firmware Authentication 131

Dark Reading

JULY 3, 2023

Some 340,000 FortiGate SSL VPN appliances remain exposed to the threat more than three weeks after Fortinet released firmware updates to address the issue.

VPN 109

VPN Firmware 109

Security Affairs

APRIL 7, 2021

Attackers are actively exploiting the CVE-2018-13379 flaw in Fortinet VPN to deploy the Cring ransomware to organizations in the industrial sector. “The primary causes of the incident include the use of an outdated and vulnerable firmware version on the Fortigate VPN server (version 6.0.2 ” continues Kaspersky.

VPN 129

VPN Ransomware Antivirus Firmware 129

Security Affairs

JANUARY 14, 2025

The campaign likely began in November 2024, the campaign unfolded in four phases: vulnerability scanning (Nov 1623, 2024), reconnaissance (Nov 2227), SSL VPN setup (Dec 47), and lateral movement (Dec 1627). ” The researchers noticed that the attack targeted firmware versions of devices ranging between 7.0.14

Firewall 81

Firewall VPN Accountability Firmware 81

Malwarebytes

JULY 28, 2021

Researchers at RandoriSec have found serious vulnerabilities in the firmware provided by UDP Technology to Geutebrück and many other IP camera vendors. According to the researchers the firmware supplier UDP Technology fails to respond to their reports despite numerous mails and LinkedIn messages. History lessons. Mitigation.

Firmware 128

Firmware Technology Authentication IoT 128

The Hacker News

JULY 15, 2021

x firmware. The warning comes more than a month after reports emerged that remote access vulnerabilities in SonicWall SRA 4600 VPN appliances (CVE-2019-7481) are being

VPN 105

VPN Ransomware Firmware Mobile 105

Security Affairs

FEBRUARY 9, 2024

Fortinet warns that the recently discovered critical remote code execution flaw in FortiOS SSL VPN, tracked CVE-2024-21762, is being actively exploited. The vendor recommends to disable SSL VPN as a workaround. “Workaround : disable SSL VPN (disable webmode is NOT a valid workaround). ” reads the advisory.

VPN 131

VPN Firmware Malware Government 131

Security Affairs

APRIL 1, 2022

Zyxel issued security updates for a critical vulnerability that affects some of its business firewall and VPN devices. Networking equipment vendor Zyxel has pushed security updates for a critical flaw, tracked as CVE-2022-0342 (CVSS 9.8), that affects some of its business firewall and VPN products. Patch 1 VPN ZLD V4.30

Firewall 105

Firewall VPN Firmware Authentication 105

Security Affairs

FEBRUARY 18, 2025

In early January, SonicWall urged customers to upgrade the SonicOS firmware of their firewalls to patch an authentication bypass vulnerability tracked as CVE-2024-53704 (CVSS score of 8.2). The vulnerability resides in SSL VPN and SSH management and according to the vendor is susceptible to actual exploitation.

Firewall 63

Firewall Firmware Authentication VPN 63

Krebs on Security

JUNE 15, 2023

.” Meanwhile, this week we learned more details about the ongoing exploitation of a zero-day flaw in a broad range of virtual private networking (VPN) products made by Fortinet — devices many organizations rely on to facilitate remote network access for employees. “Patch your #Fortigate.” “Patch your #Fortigate.”

Risk 263

Risk VPN Internet Internet 263

The Hacker News

AUGUST 11, 2024

The elevated access could then be weaponized to decrypt encrypted firmware files and encrypted data such as passwords in configuration files, and even get correctly signed X.509 509 VPN certificates for foreign

Firmware 127

Firmware VPN Encryption Passwords 127

Bleeping Computer

MARCH 31, 2022

Network equipment company Zyxel has updated the firmware of several of its business-grade firewall and VPN products to address a critical-severity vulnerability that could give attackers administrator-level access to affected devices. [.].

Firewall 77

Firewall VPN Firmware 77

Security Boulevard

APRIL 17, 2025

They were strategic, persistent, and laser-focused on exploiting firewall and VPN weak points to establish long-term control over sensitive systems. Firewalls and VPNs are no longer the line of defense. But as networks have grown more complex and workforces have gone hybrid, VPNs have become both overextended and overexposed.

Firewall 64

Firewall VPN Encryption Architecture 64

Krebs on Security

JUNE 25, 2021

The My Book Live and My Book Live Duo devices received its final firmware update in 2015. The NVD’s advisory credits VPN reviewer Wizcase.com with reporting the bug to Western Digital three years ago, back in June 2018. We understand that our customers’ data is very important.

Internet 331

Internet Internet Backups Small Business 331

Security Affairs

MARCH 28, 2020

The two critical remote command injection vulnerabilities tracked as CVE-2020-8515 affect DrayTek Vigor network devices, including enterprise switches, routers, load-balancers, and VPN gateway. On the 6th Feb, we released an updated firmware to address this issue.” firmware or later. ” reads the security bulletin.

Firmware 123

Firmware VPN Accountability Advertising 123

Security Affairs

JANUARY 15, 2025

A previously unknown threat actor released config files and VPN passwords for Fortinet FortiGate devices on a popular cybercrime forum. A previously unknown threat actor named Belsen Group published configuration files and VPN passwords for over 15,000 Fortinet FortiGate appliances. “2025 will be a fortunate year for the world.

VPN 90

VPN Passwords Firewall Firmware 90

Security Affairs

JULY 18, 2021

x firmware in an imminent ransomware campaign using stolen credentials.” The exploitation targets a known vulnerability that has been patched in newer versions of firmware.”. The network equipment vendor is now urging customers to update the firmware of their devices as soon as possible. reads the alert published by the company.

Ransomware 137

Ransomware Firmware Mobile InfoSec 137

Security Boulevard

MARCH 31, 2025

Privacy Without Compromise: Proton VPN is Now Built Into Vivaldi Vivaldi Vivaldi integrates ProtonVPN natively into its desktop version of its browser. Version 2 reduces traffic overhead and introduces dynamic configurations varying VPN tunnel characteristics. Malware campaigns covered generally target/affect the end user.

VPN 59

VPN Surveillance Malware Data breaches 59

Malwarebytes

SEPTEMBER 22, 2021

In a detailed post on Github , security researcher Watchful_IP describes how he found that the majority of the recent camera product ranges of Hikvision cameras are susceptible to a critical, unauthenticated, remote code execution (RCE) vulnerability, even with the latest firmware. Hangzhou Hikvision Digital Technology Co.,

Firmware 144

Firmware Surveillance Marketing VPN 144

Malwarebytes

MAY 26, 2023

The CVEs patched in these updates are: CVE-2023-33009 : A buffer overflow vulnerability in the notification function in Zyxel ATP series firmware versions 4.32 Patch 1, USG FLEX series firmware versions 4.50 Patch 1, USG FLEX 50(W) firmware versions 4.25 Patch 1, USG20(W)-VPN firmware versions 4.25

Firmware 96

Firmware VPN Firewall Accountability 96

Security Affairs

APRIL 28, 2023

The vulnerability is an improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.50

Firewall 98

Firewall Firmware VPN Authentication 98

Security Affairs

JUNE 16, 2024

Some impacted models will not receive the firmware updates because they have reached the end-of-life (EoL). Remote access (Web access from WAN), virtual server (Port forwarding), DDNS, VPN server, DMZ, port trigger Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, routers)

Authentication 129

Authentication Firmware VPN Manufacturing 129

Security Affairs

JULY 15, 2021

x firmware in an imminent ransomware campaign using stolen credentials.” “The exploitation targets a known vulnerability that has been patched in newer versions of firmware.” The network equipment vendor is now urging customers to update the firmware of their devices as soon as possible. “If 34 or 9.0.0.10

Firmware 117

Firmware Ransomware Passwords Mobile 117

Security Affairs

DECEMBER 5, 2021

The most common issues discovered by the experts were outdated Linux kernel in the firmware, outdated multimedia and VPN functions, presence of hardcoded credentials, the use of insecure communication protocols and weak default passwords. “Some of the security issues were detected more than once.

Manufacturing 145

Manufacturing IoT Firmware VPN 145

Security Affairs

JANUARY 6, 2021

The Taiwanese vendor Zyxel has recently addressed a critical vulnerability in its firmware, tracked as CVE-2020-29583 , related to the presence of a hardcoded undocumented secret account. Firmware version 4.60 The password for this account can be found in cleartext in the firmware.” reads the advisory published by NIST.

Firmware 124

Firmware Passwords Accountability VPN 124

Security Affairs

JUNE 4, 2023

Zyxel has published guidance for protecting firewall and VPN devices from the ongoing attacks recently discovered. Zyxel has published guidance for protecting firewall and VPN devices from ongoing attacks exploiting CVE-2023-28771 , CVE-2023-33009 , and CVE-2023-33010 vulnerabilities. Patch 2 VPN ZLD V4.60 Patch 1 ZLD V5.36

Firmware 98

Firmware VPN Firewall Hacking 98

Krebs on Security

JULY 25, 2023

.” Lumen’s research team said the purpose of AVrecon appears to be stealing bandwidth – without impacting end-users – in order to create a residential proxy service to help launder malicious activity and avoid attracting the same level of attention from Tor-hidden services or commercially available VPN services. com, sscompany[.]net,

Malware 237

Malware VPN Internet Internet 237

Security Affairs

JUNE 19, 2023

ASUS addressed critical vulnerabilities in multiple router models, urging customers to immediately install firmware updates. ASUS is warning customers to update some router models to the latest firmware to address critical vulnerabilities. “Update your router to the latest firmware. ” ASUS added.

Firmware 98

Firmware VPN Wireless Passwords 98

Security Affairs

JUNE 23, 2021

A critical vulnerability, tracked as CVE-2021-20019 , in SonicWall VPN appliances was only partially patched last year and could allow a remote attacker to steal sensitive data. The flaw resides in the HTTP/HTTPS service used for product management as well as SSL VPN remote access. “An reads the analysis published by Tripwire.

VPN 128

VPN Firewall Firmware Authentication 128

Security Affairs

FEBRUARY 6, 2024

The malware survives reboots and firmware upgrades. Moreover, the infection survives firmware upgrades.” COATHANGER is a stealthy malware that hooks system calls that could reveal its presence. ” continues the report. reads the advisory published by the security vendor.

Malware 134

Malware Firmware VPN Backups 134

Security Affairs

JUNE 1, 2023

“Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 VPN ZLD V4.60 ” reads the advisory published by NIST.

Firewall 98

Firewall Firmware VPN DDOS 98

Malwarebytes

JULY 15, 2021

The exploitation targets a known vulnerability that has been patched in newer versions of SonicWall firmware. x versions of the firmware. x firmware. x firmware versions. SSL-VPN 200/2000/400 (EOL 2013/2014) disconnect immediately and reset passwords. SMA 210/410/500v (Actively Supported) update firmware to 9.0.0.10-28sv

Ransomware 103

Ransomware Firmware VPN Passwords 103