Tag: firewall
-
Addressed High-Severity SonicWall Firewall Bug Poses VPN Hijacking Threat
First seen on scworld.com Jump to article: www.scworld.com/brief/addressed-high-severity-sonicwall-firewall-bug-poses-vpn-hijacking-threat
-
Breach Roundup: Microsoft Patches Two Zero-Days in February
Also: Google Fixes YouTube Vulnerabilities That Could Have Exposed User Emails. This week: Microsoft, Ivanti and Google release fixes for critical vulnerabilities and urge priority patching; Lee Enterprises confirms a cyberattack disrupted newspaper operations; and thousands of KerioControl Firewalls exposed to critical remote code execution flaws. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/breach-roundup-microsoft-patches-two-zero-days-in-february-a-27515
-
Unusual attack linked to Chinese APT group combines espionage and ransomware
Tags: apt, attack, breach, china, cloud, country, credentials, crime, crimes, crypto, cyber, cybercrime, cyberespionage, data, encryption, espionage, exploit, finance, firewall, government, group, hacker, infection, insurance, intelligence, korea, microsoft, network, north-korea, ransom, ransomware, russia, software, tactics, technology, threat, veeam, vulnerability
The attacker demanded a $2-million ransom: The attack that resulted in the deployment of the RA World ransomware program, as well as data exfiltration, had the same chain: the toshdpdb.exe loading toshdpapi.dll then decrypting toshdp.dat which resulted in the PlugX variant being deployed. The difference is the attacker then chose to deploy the RA World…
-
Palo Alto Firewall Flaw Exploited in RA World Ransomware Attacks
Tags: attack, china, cyber, cybersecurity, espionage, exploit, firewall, flaw, network, ransomware, service, software, tool, vulnerability
A recent ransomware attack leveraging a vulnerability in Palo Alto Networks’ PAN-OS firewall software (CVE-2024-0012) has raised significant concerns within the cybersecurity community. The attack, which targeted a medium-sized software and services company in South Asia in late 2024, is particularly alarming because it employed tools historically associated with China-based espionage groups. This marks a…
-
Mysterious Palo Alto firewall reboots? You’re not alone
Tags: firewall
Limited-edition hotfix to get wider release before end of month First seen on theregister.com Jump to article: www.theregister.com/2025/02/13/palo_alto_firewall/
-
Palo Alto Networks Patches Potentially Serious Firewall Vulnerability
Palo Alto Networks has published 10 new security advisories, including one for a high-severity firewall authentication bypass vulnerability. The post Palo Alto Networks Patches Potentially Serious Firewall Vulnerability appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/palo-alto-networks-patches-potentially-serious-firewall-vulnerability/
-
PAN-OS authentication bypass hole plugged, PoC is public (CVE-2025-0108)
Palo Alto Networks has fixed a high-severity authentication bypass vulnerability (CVE-2025-0108) in the management web interface of its next-gen firewalls, a proof-of-concept … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/02/13/pan-os-authentication-bypass-palo-alto-networks-poc-cve-2025-0108/
-
SonicWall Firewalls Exploit Hijack SSL VPN Sessions to Gain Networks Access
SonicWall firewalls running specific versions of SonicOS are vulnerable to a critical authentication bypass flaw, tracked as CVE-2024-53704, which allows attackers to hijack active SSL VPN sessions. This vulnerability has been classified as high-risk, with a CVSS score of 8.2. It affects SonicOS versions 7.1.x (up to 7.1.1-7058), 7.1.2-7019, and 8.0.0-8035, used in various Gen…
-
Fortinet’s FortiOS Vulnerabilities Allow Attackers Trigger RCE and Launch DoS Attack
Fortinet’s FortiOS, the operating system powering its VPN and firewall appliances, has been found vulnerable to multiple security flaws that could allow attackers to execute remote code (RCE) and launch denial-of-service (DoS) attacks. These vulnerabilities, disclosed by Akamai researcher Ben Barnea, were assigned CVE-2024-46666 and CVE-2024-46668. Fortinet released patches on January 14, 2025, to mitigate…
-
FortiOS FortiProxy Vulnerability Allows Attackers Firewall Hijacks to Gain Super Admin Access
A critical vulnerability in Fortinet’s FortiOS and FortiProxy products has been identified, enabling attackers to bypass authentication and gain super-admin access. The flaw, classified as an Authentication Bypass Using an Alternate Path or Channel (CWE-288), is actively being exploited in the wild. This vulnerability allows remote attackers to manipulate Node.js WebSocket modules or craft Cross-Site…
-
West London Council Faces 20,000 Cyberattack Attempts Every Day Amid Growing Threats
A West London council has revealed that it is the target of around 20,000 attempted cyberattacks every day. Hammersmith and Fulham Council, one of the boroughs in the capital, is no stranger to the growing risks of digital security breaches. In response to these frequent cyber threats, the council has ramped up its defense mechanisms,…
-
Attackers exploit a new zero-day to hijack Fortinet firewalls
Fortinet warned of attacks using a now-patched zero-day vulnerability in FortiOS and FortiProxy to hijack Fortinet firewalls. Fortinet warned that threat actors are exploiting a new zero-day vulnerability, tracked as CVE-2025-24472 (CVSS score of 8.1), in FortiOS and FortiProxy to hijack Fortinet firewalls. The vulnerability is an authentication bypass issue that could allow a remote attacker…
-
Fortinet discloses second firewall auth bypass patched in January
Fortinet has disclosed a second authentication bypass vulnerability that was fixed as part of a January 2025 update for FortiOS and FortiProxy devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fortinet-discloses-second-firewall-auth-bypass-patched-in-january/
-
Thousands of GFI KerioControl firewalls still at risk of exploited critical RCE
First seen on scworld.com Jump to article: www.scworld.com/brief/thousands-of-gfi-keriocontrol-firewalls-still-at-risk-of-exploited-critical-rce
-
Thousands of GFI KerioControl Firewalls Still At Risk From Critical RCE
First seen on scworld.com Jump to article: www.scworld.com/brief/thousands-of-gfi-keriocontrol-firewalls-still-at-risk-from-critical-rce
-
Fortinet FortiOS FortiProxy Zero-Day Exploited to Hijack Firewall Gain Super Admin Access
Tags: access, authentication, csf, cyber, cybersecurity, exploit, firewall, flaw, fortinet, vulnerability, zero-day
Cybersecurity firm Fortinet has issued an urgent warning regarding a newly discovered zero-day authentication bypass vulnerability (CVE-2025-24472) affecting its FortiOS and FortiProxy products. This critical flaw enables remote attackers to obtain super-admin privileges by exploiting maliciously crafted CSF proxy requests. The vulnerability impacts FortiOS versions 7.0.0 through 7.0.16, as well as FortiProxy versions 7.0.0 through…
-
Fortinet warns of new zero-day exploited to hijack firewalls
Fortinet warned today that attackers are exploiting another authentication bypass zero-day bug in FortiOS and FortiProxy to hijack Fortinet firewalls and breach enterprise networks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fortinet-warns-of-new-zero-day-exploited-to-hijack-firewalls/
-
SonicWall firewall exploit lets hackers hijack VPN sessions, patch now
Security researchers at Bishop Fox have published complete exploitation details for the CVE-2024-53704 vulnerability that allows bypassing the authentication mechanism in certain versions of the SonicOS SSLVPN application. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/sonicwall-firewall-exploit-lets-hackers-hijack-vpn-sessions-patch-now/
-
Over 12,000 KerioControl firewalls remain prone to RCE attacks amid active exploits
The flaw enables one-click RCE: The Kerio Control vulnerability, in conjunction with an older vulnerability, can allow escalating the issue into a one-click RCE attack, granting root access to the firewall system. The flaw has persisted for nearly seven years, affecting versions 9.2.5 (released in 2018) to 9.4.5. According to Romano’s POC, the exploit would include…
-
Over 12,000 KerioControl firewalls remain prone to RCE attack amid active exploits
The flaw enables one-click RCE: The Kerio Control vulnerability, in conjunction with an older vulnerability, can allow escalating the issue into a one-click RCE attack, granting root access to the firewall system. The flaw has persisted for nearly seven years, affecting versions 9.2.5 (released in 2018) to 9.4.5. According to Romano’s POC, the exploit would include…
-
12,000+ KerioControl Firewalls Exposed to 1-Click RCE Attack
Tags: attack, cve, cyber, cybersecurity, data-breach, exploit, firewall, flaw, rce, remote-code-execution, vulnerability
Cybersecurity researchers caution that over 12,000 instances of GFI KerioControl firewalls remain unpatched and vulnerable to a critical security flaw (CVE-2024-52875) that could be exploited for remote code execution (RCE) with minimal effort. The Shadowserver Foundation has been tracking this vulnerability and issuing daily reports since February 5, 2025. Critical Vulnerability Overview CVE-2024-52875 is a…
-
Over 12,000 KerioControl firewalls exposed to exploited RCE flaw
Over twelve thousand GFI KerioControl firewall instances are exposed to a critical remote code execution vulnerability tracked as CVE-2024-52875. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/over-12-000-keriocontrol-firewalls-exposed-to-exploited-rce-flaw/
-
Massive Brute Force Attack Launched With 2.8 Million IPs To Hack VPN Firewall Logins
Massive brute force attacks targeting VPNs and firewalls have surged in recent weeks, with cybercriminals using as many as 2.8 million unique IP addresses daily to conduct relentless login attempts. The Shadowserver Foundation, a nonprofit cybersecurity organization, has confirmed this alarming trend through data collected from its global honeypot infrastructure. These attacks primarily target devices…
-
Miercom confirms Check Point has the highest block rate among enterprise and hybrid mesh firewalls
Check Point Software Technologies announces that the Infinity platform has achieved an outstanding block rate of 99.9 percent against zero+1-day malware. Further results show a phishing prevention rate of 99.7 percent, the highest security efficiency for Secure Services Edge use cases, and an impressive block rate of 98 percent for high-severity and critical incidents in networks. ‘In a comparison […] First seen on netzpalaver.de…
-
Check Point raises security level: best cyber defense rate among firewalls, according to Miercom
In light of a 44% year-over-year increase in cyberattacks, the Miercom report confirms that Check Point offers the industry's highest threat prevention rate. The firewall solution stands out in particular for its leading prevention performance against new malware and critical security incidents. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/check-point-erhoeht-sicherheitslevel-beste-cyber-abwehrquote-bei-firewalls-laut-miercom/a39704/
-
U.S. CISA adds Microsoft Outlook, Sophos XG Firewall, and other flaws to its Known Exploited Vulnerabilities catalog
Tags: cisa, cve, cybersecurity, exploit, firewall, flaw, infrastructure, kev, microsoft, remote-code-execution, sophos, vulnerability
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Outlook, Sophos XG Firewall, and other flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: The vulnerability CVE-2024-21413 (CVSS score of 9.8) is a Remote Code Execution flaw in Microsoft Outlook.…
-
Spy vs spy: Security agencies help secure the network edge
Tags: cybersecurity, exploit, firewall, infrastructure, intelligence, Internet, network, router, service, software, spy, strategy, vpn, vulnerability
The national intelligence services of five countries have offered enterprises advice on beating spies at their own game in a series of documents intended to help them protect network edge devices and appliances such as firewalls, routers, VPN (virtual private networks) gateways, internet of things (IoT) devices, internet-facing servers, and internet-facing OT (operational technology) systems…
-
CISA Releases New Guidelines to Secure Firewalls, Routers, and Internet-Facing Servers
Tags: cisa, cyber, cybersecurity, firewall, Hardware, infrastructure, international, Internet, network, router, vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has unveiled a new set of guidelines to fortify firewalls, routers, internet-facing servers, and other edge devices against cyber threats. This collaborative guidance, supported by leading international cybersecurity organizations, aims to address vulnerabilities in hardware that form the backbone of critical infrastructure and operational networks worldwide. “Edge devices”,…
-
Patch coming for reported firmware bugs in Palo Alto firewalls
First seen on scworld.com Jump to article: www.scworld.com/brief/patch-coming-for-reported-firmware-bugs-in-palo-alto-firewalls

