Tag: firewall
-
SonicWall Confirms Breach Exposing All Customer Firewall Configuration Backups
SonicWall, together with leading incident response firm Mandiant, has completed a thorough review of a recent cloud backup security incident. The investigation confirmed that an unknown party gained access to all firewall configuration backup files for customers using the MySonicWall cloud backup feature. These files contain encoded configuration settings and encrypted credentials. Although the credentials…
-
LockBit, DragonForce, and Qilin form a ‘cartel’ to dictate ransomware market conditions
Tags: access, attack, breach, control, credentials, cybercrime, data, firewall, group, infrastructure, law, leak, lockbit, network, ransomware, service, technology, vpnCritical infrastructure declared fair game: As part of LockBit’s return announcement, the group revealed that critical infrastructure sectors previously considered off-limits would now be permissible targets for its affiliates. “It is permissible to attack critical infrastructure such as nuclear power plants, thermal power plants, hydroelectric power plants, and other similar organizations,” the group stated, according…
-
LockBit, DragonForce, and Qilin form a ‘cartel’ to dictate ransomware market conditions
Tags: access, attack, breach, control, credentials, cybercrime, data, firewall, group, infrastructure, law, leak, lockbit, network, ransomware, service, technology, vpnCritical infrastructure declared fair game: As part of LockBit’s return announcement, the group revealed that critical infrastructure sectors previously considered off-limits would now be permissible targets for its affiliates. “It is permissible to attack critical infrastructure such as nuclear power plants, thermal power plants, hydroelectric power plants, and other similar organizations,” the group stated, according…
-
SonicWall: Firewall configs stolen for all cloud backup customers
SonicWall has confirmed that all customers that used the company’s cloud backup service are affected by the security breach last month. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/sonicwall-firewall-configs-stolen-for-all-cloud-backup-customers/
-
Attackers compromised ALL SonicWall firewall configuration backup files
The attackers who brute-forced their way into SonicWall’s firewall cloud backup service accessed configuration backup files of all customers who have used the service, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/09/sonicwall-firewall-backup-compromised/
-
All SonicWall Cloud Backup Users Have Firewall Configuration Files Stolen
SonicWall said that a threat actor has accessed files containing encrypted credentials and configuration data for all customers who have used its cloud backup service First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/sonicwall-cloud-firewall/
-
Threat actors steal firewall configs, impacting all SonicWall Cloud Backup users
All SonicWall Cloud Backup users were impacted after hackers stole firewall configuration files from the MySonicWall service in early September. Threat actors stole firewall configuration backups from SonicWall’s cloud service, impacting all users of its MySonicWall cloud backup platform. In September, SonicWall urged customers to reset credentials after firewall backup files tied to MySonicWall accounts…
-
Hackers Targeting WordPress Plugin Vulnerability to Seize Admin Access
A critical authentication bypass in the Service Finder Bookings plugin has enabled unauthenticated attackers to assume administrator privileges on thousands of WordPress sites. Exploitation began within 24 hours of public disclosure, and over 13,800 exploit attempts have been blocked by the Wordfence Firewall to date. On June 8, 2025, a submission to the Wordfence Bug…
-
Threat actors steal firewall configs, impacting all SonicWall Cloud Backup users
All SonicWall Cloud Backup users were impacted after hackers stole firewall configuration files from the MySonicWall service in early September. Threat actors stole firewall configuration backups from SonicWall’s cloud service, impacting all users of its MySonicWall cloud backup platform. In September, SonicWall urged customers to reset credentials after firewall backup files tied to MySonicWall accounts…
-
Hackers Targeting WordPress Plugin Vulnerability to Seize Admin Access
A critical authentication bypass in the Service Finder Bookings plugin has enabled unauthenticated attackers to assume administrator privileges on thousands of WordPress sites. Exploitation began within 24 hours of public disclosure, and over 13,800 exploit attempts have been blocked by the Wordfence Firewall to date. On June 8, 2025, a submission to the Wordfence Bug…
-
Threat actors steal firewall configs, impacting all SonicWall Cloud Backup users
All SonicWall Cloud Backup users were impacted after hackers stole firewall configuration files from the MySonicWall service in early September. Threat actors stole firewall configuration backups from SonicWall’s cloud service, impacting all users of its MySonicWall cloud backup platform. In September, SonicWall urged customers to reset credentials after firewall backup files tied to MySonicWall accounts…
-
Neues eBook ‘Firewalls für KI” – Wie Künstliche Intelligenz vor Angriffen und Missbrauch geschützt werden kann
First seen on security-insider.de Jump to article: www.security-insider.de/ki-und-cybersicherheit-schutz-und-abwehr-von-cyberangriffen-a-26c2b8142ee89ba92eb86fa101f63f7f/
-
So verändert SASE die Cybersicherheit
Angesichts rasant steigender Cyberangriffe und wachsender Vernetzung scheint die klassische Defense-in-Depth-Strategie an ihre Grenzen zu stoßen. Unternehmen setzen heute auf zahlreiche Einzellösungen Firewalls, VPNs, SWG, CASB etc. doch die Koordination untereinander funktioniert selten reibungslos. Das Ergebnis: Transparenzlücken, unübersichtliche Tools, widersprüchliche Richtlinien, langsame Reaktion und hohe Kosten. Secure-Access-Service-Edge (SASE) wird in diesem Kontext als […] First…
-
TDL 006 – Beyond the Firewall: How Attackers Weaponize Your DNS
Tags: access, attack, breach, business, cisa, ciso, computer, conference, control, cyber, data, data-breach, dns, exploit, firewall, google, government, group, guide, infrastructure, intelligence, Internet, iraq, jobs, leak, malicious, malware, network, phishing, ransomware, service, software, switch, threat, tool, windowsSummary Beyond the Firewall: How Attackers Weaponize Your DNS For many IT professionals, DNS is the internet’s invisible plumbing, historically managed by a “guy with a Unix beard in the basement,” as Infoblox educator Josh Kuo recalled on the Defenders Log podcast. But this foundational, often overlooked, protocol has become a primary vector for sophisticated…
-
Proxmox Mail Gateway: Open-source email security solution reaches version 9.0
First released in 2005, the open-source Proxmox Mail Gateway has become a widely adopted mail proxy, positioned between the firewall and the internal mail server to stop … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/06/proxmox-mail-gateway-open-source-email-security-solution/
-
Proxmox Mail Gateway: Open-source email security solution reaches version 9.0
First released in 2005, the open-source Proxmox Mail Gateway has become a widely adopted mail proxy, positioned between the firewall and the internal mail server to stop … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/06/proxmox-mail-gateway-open-source-email-security-solution/
-
Week in review: Many Cisco ASA firewalls still unsecure, hackers claim Red Hat’s GitLab breach
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Keeping the internet afloat: How to protect the global cable network The … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/05/week-in-review-many-cisco-asa-firewalls-still-unsecure-hackers-claim-red-hats-gitlab-breach/
-
Week in review: Many Cisco ASA firewalls still unsecure, hackers claim Red Hat’s GitLab breach
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Keeping the internet afloat: How to protect the global cable network The … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/05/week-in-review-many-cisco-asa-firewalls-still-unsecure-hackers-claim-red-hats-gitlab-breach/
-
Beyond IPs: Why Your Next Firewall Ruleset Will be Written in Identity
The shift from IP-based ACLs to identity-aware microsegmentation is key to zero-trust. Learn how to build resilient, intent-based policies that survive re-IP. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/beyond-ips-why-your-next-firewall-ruleset-will-be-written-in-identity/
-
ThreatsDay Bulletin: CarPlay Exploit, BYOVD Tactics, SQL C2 Attacks, iCloud Backdoor Demand & More
From unpatched cars to hijacked clouds, this week’s Threatsday headlines remind us of one thing, no corner of technology is safe. Attackers are scanning firewalls for critical flaws, bending vulnerable SQL servers into powerful command centers, and even finding ways to poison Chrome’s settings to sneak in malicious extensions.On the defense side, AI is stepping…
-
ThreatsDay Bulletin: CarPlay Exploit, BYOVD Tactics, SQL C2 Attacks, iCloud Backdoor Demand & More
From unpatched cars to hijacked clouds, this week’s Threatsday headlines remind us of one thing, no corner of technology is safe. Attackers are scanning firewalls for critical flaws, bending vulnerable SQL servers into powerful command centers, and even finding ways to poison Chrome’s settings to sneak in malicious extensions.On the defense side, AI is stepping…
-
Reducing Mean Time to Remediation (MTTR) with Automated Policy Workflows
Tags: firewallWhen an incident hits, every second matters. Yet too often, security teams find themselves stalled by manual firewall changes, policy approvals, and coordination across fragmented teams. The result? Prolonged exposure,… First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/reducing-mean-time-to-remediation-mttr-with-automated-policy-workflows/
-
Warnings about Cisco vulns under active exploit are falling on deaf ears
50,000 firewall devices still exposed First seen on theregister.com Jump to article: www.theregister.com/2025/09/30/cisco_firewall_vulns/
-
Nearly 50,000 Cisco firewalls vulnerable to actively exploited flaws
Roughly 48,800 Cisco Adaptive Security Appliance (ASA) and Firewall Threat Defense (FTD) appliances exposed on the public web are vulnerable to two vulnerabilities actively leveraged by hackers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/nearly-50-000-cisco-firewalls-vulnerable-to-actively-exploited-flaws/
-
Cisco firewall flaws endanger nearly 50,000 devices worldwide
The U.S., the U.K. and Japan lead the list of the most vulnerable countries. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisco-firewall-vulnerabilities-shadowserver-initial-exposure/761490/
-
Akira Hits SonicWall VPNs in Broad Ransomware Campaign
Akira ransomware actors are currently targeting SonicWall firewall customers vulnerable to a bug discovered last year. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/akira-sonicwall-vpns-broad-ransomware-campaign
-
Cloud Security Alliance führt neues SaaS-Framework ein
Tags: business, ceo, cloud, compliance, cyberattack, firewall, framework, international, ISO-27001, risk, saas, zero-trustMit dem SaaS Security Capability Framework (SSCF) hat die Cloud Security Alliance (CSA) einen neunen Sicherheitsstandart festgelegt.Das SaaS Security Capability Framework (SSCF) der Cloud Security Alliance (CSA) soll SaaS-Anbietern dabei helfen, Zero-Trust-Prinzipien in ihre Umgebungen zu integrieren und Kunden angesichts steigender Risiken durch Dritte konsistentere Sicherheitskontrollen zu bieten. Die Veröffentlichung der Leitlinien folgt auf die…