Tag: firewall

Threat actors steal firewall configs, impacting all SonicWall Cloud Backup users

Oct 9, 2025 12:23 PM

Tags: backup, cloud, credentials, firewall, hacker, service, threat

All SonicWall Cloud Backup users were impacted after hackers stole firewall configuration files from the MySonicWall service in early September. Threat actors stole firewall configuration backups from SonicWall’s cloud service, impacting all users of its MySonicWall cloud backup platform. In September, SonicWall urged customers to reset credentials after firewall backup files tied to MySonicWall accounts…
Purdue 2.0? : Rising to the Challenge to secure OT with Zero Trust Connectivity

Oct 8, 2025 3:58 PM

Tags: access, ai, attack, automation, breach, cloud, compliance, control, corporate, csf, cyber, cybercrime, cybersecurity, data, defense, detection, dns, email, endpoint, espionage, exploit, extortion, firewall, firmware, framework, incident response, infrastructure, intelligence, Internet, iot, malicious, malware, mitre, monitoring, network, nist, organized, phishing, ransomware, resilience, risk, service, siem, soc, software, spear-phishing, supply-chain, tactics, technology, theft, threat, tool, unauthorized, update, vpn, vulnerability, zero-trust

Our connected world is getting dangerously messy. Demands on the effective protection of OT environments has never been greater than it is today. This is only growing. Cybercrime is becoming more organized with RaaS and the internal threat is enhanced by huge payouts of initial access brokers. Additionally, Nation States are posturing for cyber war…
Purdue 2.0? : Rising to the Challenge to secure OT with Zero Trust Connectivity

Oct 8, 2025 3:58 PM

Tags: access, ai, attack, automation, breach, cloud, compliance, control, corporate, csf, cyber, cybercrime, cybersecurity, data, defense, detection, dns, email, endpoint, espionage, exploit, extortion, firewall, firmware, framework, incident response, infrastructure, intelligence, Internet, iot, malicious, malware, mitre, monitoring, network, nist, organized, phishing, ransomware, resilience, risk, service, siem, soc, software, spear-phishing, supply-chain, tactics, technology, theft, threat, tool, unauthorized, update, vpn, vulnerability, zero-trust

Our connected world is getting dangerously messy. Demands on the effective protection of OT environments has never been greater than it is today. This is only growing. Cybercrime is becoming more organized with RaaS and the internal threat is enhanced by huge payouts of initial access brokers. Additionally, Nation States are posturing for cyber war…
Neues eBook ‘Firewalls für KI” – Wie Künstliche Intelligenz vor Angriffen und Missbrauch geschützt werden kann

Oct 8, 2025 3:58 PM

Tags: ai, firewall

First seen on security-insider.de Jump to article: www.security-insider.de/ki-und-cybersicherheit-schutz-und-abwehr-von-cyberangriffen-a-26c2b8142ee89ba92eb86fa101f63f7f/
So verändert SASE die Cybersicherheit

Oct 8, 2025 1:58 PM

Tags: access, cyberattack, cyersecurity, defense, firewall, service, strategy, tool, vpn

Angesichts rasant steigender Cyberangriffe und wachsender Vernetzung scheint die klassische Defense-in-Depth-Strategie an ihre Grenzen zu stoßen. Unternehmen setzen heute auf zahlreiche Einzellösungen Firewalls, VPNs, SWG, CASB etc. doch die Koordination untereinander funktioniert selten reibungslos. Das Ergebnis: Transparenzlücken, unübersichtliche Tools, widersprüchliche Richtlinien, langsame Reaktion und hohe Kosten. Secure-Access-Service-Edge (SASE) wird in diesem Kontext als […] First…
TDL 006 – Beyond the Firewall: How Attackers Weaponize Your DNS

Oct 7, 2025 1:35 AM

Tags: access, attack, breach, business, cisa, ciso, computer, conference, control, cyber, data, data-breach, dns, exploit, firewall, google, government, group, guide, infrastructure, intelligence, Internet, iraq, jobs, leak, malicious, malware, network, phishing, ransomware, service, software, switch, threat, tool, windows

Summary Beyond the Firewall: How Attackers Weaponize Your DNS For many IT professionals, DNS is the internet’s invisible plumbing, historically managed by a “guy with a Unix beard in the basement,” as Infoblox educator Josh Kuo recalled on the Defenders Log podcast. But this foundational, often overlooked, protocol has become a primary vector for sophisticated…
Proxmox Mail Gateway: Open-source email security solution reaches version 9.0

Oct 6, 2025 7:34 AM

Tags: email, firewall, mail, open-source

First released in 2005, the open-source Proxmox Mail Gateway has become a widely adopted mail proxy, positioned between the firewall and the internal mail server to stop … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/06/proxmox-mail-gateway-open-source-email-security-solution/
Proxmox Mail Gateway: Open-source email security solution reaches version 9.0

Oct 6, 2025 7:34 AM

Tags: email, firewall, mail, open-source

First released in 2005, the open-source Proxmox Mail Gateway has become a widely adopted mail proxy, positioned between the firewall and the internal mail server to stop … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/06/proxmox-mail-gateway-open-source-email-security-solution/
Week in review: Many Cisco ASA firewalls still unsecure, hackers claim Red Hat’s GitLab breach

Oct 5, 2025 10:35 AM

Tags: breach, cisco, firewall, gitlab, hacker, Internet, network, WeeklyReview

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Keeping the internet afloat: How to protect the global cable network The … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/05/week-in-review-many-cisco-asa-firewalls-still-unsecure-hackers-claim-red-hats-gitlab-breach/
Week in review: Many Cisco ASA firewalls still unsecure, hackers claim Red Hat’s GitLab breach

Oct 5, 2025 10:35 AM

Tags: breach, cisco, firewall, gitlab, hacker, Internet, network, WeeklyReview

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Keeping the internet afloat: How to protect the global cable network The … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/05/week-in-review-many-cisco-asa-firewalls-still-unsecure-hackers-claim-red-hats-gitlab-breach/
Beyond IPs: Why Your Next Firewall Ruleset Will be Written in Identity

Oct 3, 2025 11:41 AM

Tags: firewall, identity

The shift from IP-based ACLs to identity-aware microsegmentation is key to zero-trust. Learn how to build resilient, intent-based policies that survive re-IP. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/beyond-ips-why-your-next-firewall-ruleset-will-be-written-in-identity/
ThreatsDay Bulletin: CarPlay Exploit, BYOVD Tactics, SQL C2 Attacks, iCloud Backdoor Demand & More

Oct 2, 2025 2:41 PM

Tags: ai, attack, backdoor, browser, chrome, cloud, defense, exploit, firewall, flaw, malicious, ransomware, sql, tactics, technology, vulnerability

From unpatched cars to hijacked clouds, this week’s Threatsday headlines remind us of one thing, no corner of technology is safe. Attackers are scanning firewalls for critical flaws, bending vulnerable SQL servers into powerful command centers, and even finding ways to poison Chrome’s settings to sneak in malicious extensions.On the defense side, AI is stepping…
ThreatsDay Bulletin: CarPlay Exploit, BYOVD Tactics, SQL C2 Attacks, iCloud Backdoor Demand & More

Oct 2, 2025 2:41 PM

Tags: ai, attack, backdoor, browser, chrome, cloud, defense, exploit, firewall, flaw, malicious, ransomware, sql, tactics, technology, vulnerability

From unpatched cars to hijacked clouds, this week’s Threatsday headlines remind us of one thing, no corner of technology is safe. Attackers are scanning firewalls for critical flaws, bending vulnerable SQL servers into powerful command centers, and even finding ways to poison Chrome’s settings to sneak in malicious extensions.On the defense side, AI is stepping…
Reducing Mean Time to Remediation (MTTR) with Automated Policy Workflows

Oct 2, 2025 11:41 AM

Tags: firewall

When an incident hits, every second matters. Yet too often, security teams find themselves stalled by manual firewall changes, policy approvals, and coordination across fragmented teams. The result? Prolonged exposure,… First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/reducing-mean-time-to-remediation-mttr-with-automated-policy-workflows/
Warnings about Cisco vulns under active exploit are falling on deaf ears

Sep 30, 2025 7:09 PM

Tags: cisco, data-breach, exploit, firewall

50,000 firewall devices still exposed First seen on theregister.com Jump to article: www.theregister.com/2025/09/30/cisco_firewall_vulns/
Nearly 50,000 Cisco firewalls vulnerable to actively exploited flaws

Sep 30, 2025 7:09 PM

Tags: cisco, data-breach, defense, exploit, firewall, flaw, threat, vulnerability

Roughly 48,800 Cisco Adaptive Security Appliance (ASA) and Firewall Threat Defense (FTD) appliances exposed on the public web are vulnerable to two vulnerabilities actively leveraged by hackers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/nearly-50-000-cisco-firewalls-vulnerable-to-actively-exploited-flaws/
Cisco firewall flaws endanger nearly 50,000 devices worldwide

Sep 30, 2025 6:08 PM

Tags: cisco, firewall, flaw, vulnerability

The U.S., the U.K. and Japan lead the list of the most vulnerable countries. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisco-firewall-vulnerabilities-shadowserver-initial-exposure/761490/
Akira Hits SonicWall VPNs in Broad Ransomware Campaign

Sep 30, 2025 12:08 AM

Tags: firewall, ransomware, vpn, vulnerability

Akira ransomware actors are currently targeting SonicWall firewall customers vulnerable to a bug discovered last year. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/akira-sonicwall-vpns-broad-ransomware-campaign
Cloud Security Alliance führt neues SaaS-Framework ein

Sep 29, 2025 3:08 PM

Tags: business, ceo, cloud, compliance, cyberattack, firewall, framework, international, ISO-27001, risk, saas, zero-trust

Mit dem SaaS Security Capability Framework (SSCF) hat die Cloud Security Alliance (CSA) einen neunen Sicherheitsstandart festgelegt.Das SaaS Security Capability Framework (SSCF) der Cloud Security Alliance (CSA) soll SaaS-Anbietern dabei helfen, Zero-Trust-Prinzipien in ihre Umgebungen zu integrieren und Kunden angesichts steigender Risiken durch Dritte konsistentere Sicherheitskontrollen zu bieten. Die Veröffentlichung der Leitlinien folgt auf die…
Lancom Systems und Rohde Schwarz Cybersecurity zeigen Portfolio für umfassende Sicherheit von IT-Netzen

Sep 29, 2025 3:08 PM

Tags: access, conference, cybersecurity, firewall, wifi

Auf der it-sa präsentieren sich Lancom Systems und Rohde & Schwarz Cybersecurity als starke Einheit und zeigen, wie ganzheitliche Netzwerksicherheit heute realisiert wird. Besucher können ein umfassendes Bild von sicherer Standortvernetzung über vertrauenswürdige Fernzugänge bis zu effektiver Bedrohungserkennung machen. Die Neuheiten im Lancom-Portfolio sind die WiFi-7-Access-Points LW-700 und LX-7200E mit integrierten Security-Features, die UF-560-Firewall, mit…
Cybercriminals Target SonicWall Firewalls to Deploy Akira Ransomware via Malicious Login Attempts

Sep 29, 2025 2:08 PM

Tags: credentials, cyber, cybercrime, firewall, login, malicious, ransomware, threat, tool, vpn

Security teams face a rapidly evolving campaign that abuses compromised SonicWall SSL VPN credentials to deliver Akira ransomware in under four hours”, dwell times among the shortest ever recorded for this type of threat. Within minutes of successful authentication”, often originating from hosting-related ASNs”, threat actors initiated port scans, leveraged Impacket SMB tools for discovery,…
Cybercriminals Target SonicWall Firewalls to Deploy Akira Ransomware via Malicious Login Attempts

Sep 29, 2025 2:08 PM

Tags: credentials, cyber, cybercrime, firewall, login, malicious, ransomware, threat, tool, vpn

Security teams face a rapidly evolving campaign that abuses compromised SonicWall SSL VPN credentials to deliver Akira ransomware in under four hours”, dwell times among the shortest ever recorded for this type of threat. Within minutes of successful authentication”, often originating from hosting-related ASNs”, threat actors initiated port scans, leveraged Impacket SMB tools for discovery,…
Ransowmare: Akira umgeht MFA von SonicwallKonten

Sep 29, 2025 11:09 AM

Tags: firewall, mfa, vpn

Die Cybererpresser melden sich erfolgreich bei vollständig gepatchten SSL-VPN-Firewalls an. First seen on golem.de Jump to article: www.golem.de/news/ransowmare-akira-umgeht-mfa-von-sonicwall-vpn-konten-2509-200593.html
Cisco Firewall and VPN Zero Day Attacks: CVE-2025-20333 and CVE-2025-20362

Sep 27, 2025 4:08 PM

Tags: access, advisory, ai, attack, authentication, awareness, backdoor, best-practice, breach, china, cisa, cisco, cloud, compliance, control, cve, cyber, cybersecurity, data, data-breach, defense, encryption, endpoint, espionage, exploit, firewall, firmware, flaw, group, Hardware, identity, infrastructure, Internet, Intruder, login, malicious, malware, mfa, mitigation, monitoring, network, password, phishing, PurpleTeam, radius, risk, risk-assessment, service, software, technology, theft, threat, training, unauthorized, update, vpn, vulnerability, zero-day, zero-trust

IntroductionOn September 25, 2025, Cisco released a security advisory to patch three security flaws impacting the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) and Cisco Secure Firewall Threat Defense (FTD) software, which have been exploited in the wild. These three vulnerabilities are tracked as CVE-2025-20333, CVE-2025-20362, and CVE-2025-20363. The sophisticated state-sponsored campaign has been…
CISA Orders Urgent Patching of Cisco Firewall Zero-Day Vulnerabilities

Sep 26, 2025 11:10 PM

Tags: cisa, cisco, firewall, remote-code-execution, update, vulnerability, zero-day

CISA warns of active Cisco ASA exploits. Patch now to block remote code execution and privilege escalation risks. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/cisa-urgent-patch-cisco-firewall/
Cybersecurity Snapshot: CISA Highlights Vulnerability Management Importance in Breach Analysis, as Orgs Are Urged To Patch Cisco Zero-Days

Sep 26, 2025 7:09 PM

Tags: 2fa, access, advisory, api, attack, authentication, breach, business, cisa, cisco, cloud, control, credentials, crime, cve, cyber, cybersecurity, data, defense, endpoint, exploit, fido, finance, firewall, framework, github, grc, guide, identity, incident response, infrastructure, Internet, ISO-27001, kev, law, lessons-learned, malicious, malware, mfa, mitigation, monitoring, network, open-source, phishing, privacy, ransomware, risk, saas, scam, security-incident, service, soc, software, supply-chain, tactics, threat, update, vpn, vulnerability, vulnerability-management, worm, zero-day

CISA’s takeaways of an agency hack include a call for timely vulnerability patching. Plus, Cisco zero-day bugs are under attack, patch now. Meanwhile, the CSA issued a framework for SaaS security. And get the latest on the npm breach, the ransomware attack that disrupted air travel and more! Here are six things you need to…
UK NCSC warns that attackers exploited Cisco firewall zero-days to deploy RayInitiator and LINE VIPER malware

Sep 26, 2025 2:09 PM

Tags: attack, cisco, cve, exploit, firewall, flaw, malware, threat, zero-day

UK NCSC warns that threat actors exploited Cisco firewall zero-days to deploy new malware strains RayInitiator and LINE VIPER. The U.K. NCSC reported that threat actors exploited recently disclosed Cisco firewall flaws (CVE-2025-20362, CVE-2025-20333) in zero-day attacks to deploy novel malware families, RayInitiator and LINE VIPER. These malware mark a major evolution from earlier campaigns,…
UK NCSC warns that attackers exploited Cisco firewall zero-days to deploy RayInitiator and LINE VIPER malware

Sep 26, 2025 2:09 PM

Tags: attack, cisco, cve, exploit, firewall, flaw, malware, threat, zero-day

UK NCSC warns that threat actors exploited Cisco firewall zero-days to deploy new malware strains RayInitiator and LINE VIPER. The U.K. NCSC reported that threat actors exploited recently disclosed Cisco firewall flaws (CVE-2025-20362, CVE-2025-20333) in zero-day attacks to deploy novel malware families, RayInitiator and LINE VIPER. These malware mark a major evolution from earlier campaigns,…
UK NCSC warns that attackers exploited Cisco firewall zero-days to deploy RayInitiator and LINE VIPER malware

Sep 26, 2025 2:09 PM

Tags: attack, cisco, cve, exploit, firewall, flaw, malware, threat, zero-day

UK NCSC warns that threat actors exploited Cisco firewall zero-days to deploy new malware strains RayInitiator and LINE VIPER. The U.K. NCSC reported that threat actors exploited recently disclosed Cisco firewall flaws (CVE-2025-20362, CVE-2025-20333) in zero-day attacks to deploy novel malware families, RayInitiator and LINE VIPER. These malware mark a major evolution from earlier campaigns,…
ArcaneDoor Threat Actor Resurfaces in Continued Attacks Against Cisco Firewalls

Sep 26, 2025 2:09 PM

Tags: attack, cisco, exploit, firewall, software, threat, vulnerability

An attack campaign has been identified which exploits vulnerabilities in Cisco Adaptive Security Appliance software First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/arcanedoor-attacks-against-cisco/