Tag: firewall
-
ThreatsDay Bulletin: CarPlay Exploit, BYOVD Tactics, SQL C2 Attacks, iCloud Backdoor Demand & More
From unpatched cars to hijacked clouds, this week’s ThreatsDay headlines remind us of one thing: no corner of technology is safe. Attackers are scanning firewalls for critical flaws, bending vulnerable SQL servers into powerful command centers, and even finding ways to poison Chrome’s settings to sneak in malicious extensions. On the defense side, AI is stepping…
-
Reducing Mean Time to Remediation (MTTR) with Automated Policy Workflows
Tags: firewall
When an incident hits, every second matters. Yet too often, security teams find themselves stalled by manual firewall changes, policy approvals, and coordination across fragmented teams. The result? Prolonged exposure,… First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/reducing-mean-time-to-remediation-mttr-with-automated-policy-workflows/
-
Warnings about Cisco vulns under active exploit are falling on deaf ears
50,000 firewall devices still exposed First seen on theregister.com Jump to article: www.theregister.com/2025/09/30/cisco_firewall_vulns/
-
Nearly 50,000 Cisco firewalls vulnerable to actively exploited flaws
Roughly 48,800 Cisco Adaptive Security Appliance (ASA) and Firewall Threat Defense (FTD) appliances exposed on the public web are vulnerable to two vulnerabilities actively leveraged by hackers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/nearly-50-000-cisco-firewalls-vulnerable-to-actively-exploited-flaws/
-
Cisco firewall flaws endanger nearly 50,000 devices worldwide
The U.S., the U.K. and Japan lead the list of the most vulnerable countries. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisco-firewall-vulnerabilities-shadowserver-initial-exposure/761490/
-
Akira Hits SonicWall VPNs in Broad Ransomware Campaign
Akira ransomware actors are currently targeting SonicWall firewall customers vulnerable to a bug discovered last year. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/akira-sonicwall-vpns-broad-ransomware-campaign
-
Cloud Security Alliance introduces new SaaS framework
Tags: business, ceo, cloud, compliance, cyberattack, firewall, framework, international, ISO-27001, risk, saas, zero-trust
With the SaaS Security Capability Framework (SSCF), the Cloud Security Alliance (CSA) has defined a new security standard. The SaaS Security Capability Framework (SSCF) from the Cloud Security Alliance (CSA) is intended to help SaaS providers integrate zero-trust principles into their environments and to offer customers more consistent security controls in the face of rising third-party risk. The publication of the guidelines follows the…
-
Lancom Systems and Rohde & Schwarz Cybersecurity show portfolio for comprehensive IT network security
At it-sa, Lancom Systems and Rohde & Schwarz Cybersecurity present themselves as a strong unit and show how holistic network security is implemented today. Visitors can get a comprehensive picture, from secure site networking and trusted remote access to effective threat detection. The new additions to the Lancom portfolio are the Wi-Fi 7 access points LW-700 and LX-7200E with integrated security features, the UF-560 firewall, with…
-
Cybercriminals Target SonicWall Firewalls to Deploy Akira Ransomware via Malicious Login Attempts
Security teams face a rapidly evolving campaign that abuses compromised SonicWall SSL VPN credentials to deliver Akira ransomware in under four hours, dwell times among the shortest ever recorded for this type of threat. Within minutes of successful authentication, often originating from hosting-related ASNs, threat actors initiated port scans, leveraged Impacket SMB tools for discovery,…
-
Ransomware: Akira bypasses MFA on Sonicwall accounts
The cyber extortionists are successfully logging in to fully patched SSL VPN firewalls. First seen on golem.de Jump to article: www.golem.de/news/ransowmare-akira-umgeht-mfa-von-sonicwall-vpn-konten-2509-200593.html
-
CISA Orders Urgent Patching of Cisco Firewall Zero-Day Vulnerabilities
CISA warns of active Cisco ASA exploits. Patch now to block remote code execution and privilege escalation risks. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/cisa-urgent-patch-cisco-firewall/
-
Cybersecurity Snapshot: CISA Highlights Vulnerability Management Importance in Breach Analysis, as Orgs Are Urged To Patch Cisco Zero-Days
Tags: 2fa, access, advisory, api, attack, authentication, breach, business, cisa, cisco, cloud, control, credentials, crime, cve, cyber, cybersecurity, data, defense, endpoint, exploit, fido, finance, firewall, framework, github, grc, guide, identity, incident response, infrastructure, Internet, ISO-27001, kev, law, lessons-learned, malicious, malware, mfa, mitigation, monitoring, network, open-source, phishing, privacy, ransomware, risk, saas, scam, security-incident, service, soc, software, supply-chain, tactics, threat, update, vpn, vulnerability, vulnerability-management, worm, zero-day
CISA’s takeaways of an agency hack include a call for timely vulnerability patching. Plus, Cisco zero-day bugs are under attack, patch now. Meanwhile, the CSA issued a framework for SaaS security. And get the latest on the npm breach, the ransomware attack that disrupted air travel and more! Here are six things you need to…
-
UK NCSC warns that attackers exploited Cisco firewall zero-days to deploy RayInitiator and LINE VIPER malware
UK NCSC warns that threat actors exploited Cisco firewall zero-days to deploy new malware strains RayInitiator and LINE VIPER. The U.K. NCSC reported that threat actors exploited recently disclosed Cisco firewall flaws (CVE-2025-20362, CVE-2025-20333) in zero-day attacks to deploy novel malware families, RayInitiator and LINE VIPER. These malware mark a major evolution from earlier campaigns,…
-
ArcaneDoor Threat Actor Resurfaces in Continued Attacks Against Cisco Firewalls
An attack campaign has been identified which exploits vulnerabilities in Cisco Adaptive Security Appliance software First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/arcanedoor-attacks-against-cisco/
-
Also in Germany: Ongoing attacks endanger countless Cisco firewalls
Researchers warned weeks ago about possible zero-day vulnerabilities in Cisco devices. Now cyber authorities and the vendor are sounding the alarm as well. First seen on golem.de Jump to article: www.golem.de/news/auch-in-deutschland-laufende-angriffe-gefaehrden-unzaehlige-cisco-firewalls-2509-200546.html
-
UK and US security agencies order urgent fixes as Cisco firewall bugs exploited in wild
CISA gives feds 24 hours to patch, NCSC urges rapid action as flaws linked to ArcaneDoor spies First seen on theregister.com Jump to article: www.theregister.com/2025/09/26/cisco_firewall_flaws/
-
Cisco ASA 0-Day RCE Flaw Actively Exploited in the Wild
A critical zero-day vulnerability in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software is being actively exploited in the wild. Tracked as CVE-2025-20333, this remote code execution flaw allows an authenticated attacker to execute arbitrary code as root on affected devices. Cisco published an advisory on September…
-
Critical Cisco Flaw Lets Remote Attackers Execute Code on Firewalls and Routers
Cisco published Security Advisory cisco-sa-http-code-exec-WmfP3h3O revealing a severe flaw in multiple Cisco platforms that handle HTTP-based management. Tracked as CVE-2025-20363, this vulnerability stems from improper validation of user-supplied input in HTTP requests. CVE Affected Products Impact CVSS 3.1 Score CVE-2025-20363 Secure Firewall ASA & FTD with SSL VPN or MUS enabled; IOS/IOS XE with Remote…
-
Cisco ASA Firewall Zero-Day Exploits Deploy RayInitiator and LINE VIPER Malware
The U.K. National Cyber Security Centre (NCSC) has revealed that threat actors have exploited the recently disclosed security flaws impacting Cisco firewalls as part of zero-day attacks to deliver previously undocumented malware families like RayInitiator and LINE VIPER. “The RayInitiator and LINE VIPER malware represent a significant evolution on that used in the previous campaign, both…
-
Patch now: Attacker finds another zero day in Cisco firewall software
Tags: access, attack, best-practice, cisa, cisco, cve, cyber, defense, detection, exploit, firewall, firmware, Hardware, incident response, malware, monitoring, network, resilience, risk, router, software, technology, threat, tool, update, vpn, vulnerability, zero-day, zero-trust
root, which may lead to the complete compromise of the device. Affected are devices running Cisco Secure Firewall Adaptive Security Appliance (ASA) software, Cisco Secure Firewall Threat Defense (FTD) software, as well as devices running Cisco IOS, IOS XE and IOS XR software. There are two attack scenarios: an unauthenticated, remote attacker getting into devices running Cisco…

