Tag: firewall

US names Chinese national it alleges was behind 2020 attack on Sophos firewalls

Dec 11, 2024 6:37 AM

Tags: attack, china, firewall, ransomware, sophos

Also sanctions his employer an outfit called Sichuan Silence linked to Ragnarok ransomware First seen on theregister.com Jump to article: www.theregister.com/2024/12/11/sichuan_silence_sophos_zeroday_sanctions/
US sanctions Chinese cybersecurity firm over global malware campaign

Dec 11, 2024 5:36 AM

Tags: attack, breach, china, computer, control, corporate, credentials, cve, cyber, cyberattack, cybersecurity, email, encryption, exploit, finance, firewall, fraud, government, group, healthcare, identity, infection, infrastructure, intelligence, international, malicious, malware, monitoring, network, office, password, ransomware, risk, service, software, sophos, technology, terrorism, threat, tool, vulnerability, zero-day

The US government has imposed sanctions on Chinese cybersecurity firm Sichuan Silence Information Technology and one of its employees, Guan Tianfeng, for their alleged involvement in a 2020 global cyberattack that exploited zero day vulnerabilities in firewalls.The actions were announced by the US Department of the Treasury and the Department of Justice (DOJ), which also…
Attackers exploit zero-day RCE flaw in Cleo managed file transfer

Dec 11, 2024 1:37 AM

Tags: advisory, attack, cve, edr, exploit, firewall, flaw, group, Internet, malicious, mitigation, moveIT, powershell, ransomware, rce, remote-code-execution, software, tool, update, vulnerability, vulnerability-management, windows, zero-day

Security researchers have warned about in-the-wild attacks that exploit a remote code execution vulnerability in managed file transfer (MFT) solutions developed by enterprise software vendor Cleo Communications.The impacted products include the latest versions of Cleo LexiCom, Cleo VLTrader and Cleo Harmony, with experts advising to temporarily disconnect these systems from the internet until a patch…
US sanctions Chinese cybersecurity company for firewall compromise, ransomware attacks

Dec 10, 2024 10:08 PM

Tags: attack, china, cybersecurity, firewall, ransomware

The Department of the Treasury is sanctioning Chinese cybersecurity company Sichuan Silence, and one of its employees, Guan Tianfeng, for their roles in the April 2020 … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/12/10/us-sanctions-sichuan-silence-guan-tianfeng/
US Indicts, Sanctions Alleged Chinese Sophos Firewall Hacker

Dec 10, 2024 9:09 PM

Tags: china, exploit, firewall, government, hacker, sophos, zero-day

Tianfeng Guan Allegedly Developed Zero-Day Exploit of Sophos XG Firewall. The U.S. federal government rolled out its heavy guns Tuesday against a Chinese hacker allegedly at the center of a zero-day exploit used to hack firewalls made by Sophos, unsealing an indictment, rolling out sanctions and offering $10 million for information leading to the suspect’s…
US sanctions Chinese cybersecurity firm for firewall hacks targeting critical infrastructure

Dec 10, 2024 8:08 PM

Tags: china, cybersecurity, exploit, firewall, hacking, infrastructure, sophos, vulnerability, zero-day

The U.S. sanctioned a Chinese cybersecurity company and one of its employees for exploiting a zero-day vulnerability in Sophos firewalls to target U.S. organizations. On Tuesday, the U.S. Treasury Department said Guan Tianfeng, an employee of Sichuan Silence, used the vulnerability to compromise approximately 81,000 firewalls in April 2020. The hacking campaign, detailed by Sophos…
US sanctions Chinese cyber firm for compromising ‘thousands’ of firewalls in 2020

Dec 10, 2024 7:07 PM

Tags: china, cyber, firewall, technology

Sichuan Silence Information Technology Company and one of its employees, Guan Tianfeng, were the targets of the sanctions, and the Justice Department indicted Guan for his role in the attacks. The State Department also issued a $10 million reward for additional information on the company or Guan.]]> First seen on therecord.media Jump to article: therecord.media/us-sanctions-chinese-cyber-firm-compromising-firewalls
Treasury sanctions Chinese cyber company, employee for 2020 global firewall attack

Dec 10, 2024 7:07 PM

Tags: attack, china, control, cyber, exploit, firewall, malware, office, zero-day

The department’s Office of Foreign Assets Control said Guan Tianfeng used a zero-day exploit to deploy malware on 81,000 firewalls. First seen on cyberscoop.com Jump to article: cyberscoop.com/treasury-sanctions-chinese-cyber-company-2020-firewall-attack/
US sanctions Chinese firm for hacking firewalls in ransomware attacks

Dec 10, 2024 6:07 PM

Tags: attack, china, cybersecurity, firewall, hacking, infrastructure, ransomware

The U.S. Treasury Department has sanctioned Chinese cybersecurity company Sichuan Silence and one of its employees for their involvement in a series of Ragnarok ransomware attacks targeting U.S. critical infrastructure companies and many other victims worldwide in April 2020. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/us-sanctions-chinese-firm-for-hacking-firewalls-in-ragnarok-ransomware-attacks/
Transfer-Software von Cleo: Hinter Firewall bringen, Patch wirkungslos

Dec 10, 2024 2:07 PM

Tags: bug, firewall, software, update

Die Datenstransfer-Software von Cleo hatte eine Sicherheitslücke gestopft jedoch unzureichend. Das Leck wird aktiv angegriffen. First seen on heise.de Jump to article: www.heise.de/news/Transfer-Software-von-Cleo-Hinter-Firewall-bringen-Patch-wirkungslos-10193961.html
EDR-Software ein Kaufratgeber

Dec 10, 2024 6:07 AM

Tags: ai, android, api, backup, browser, chrome, cloud, computing, crowdstrike, cyberattack, detection, edr, endpoint, firewall, identity, incident response, intelligence, iot, kubernetes, linux, macOS, mail, malware, microsoft, network, ransomware, risk, siem, soar, software, sophos, threat, tool, windows, zero-day
Zero-day exploits underscore rising risks for internet-facing interfaces

Dec 9, 2024 7:08 PM

Tags: exploit, firewall, Internet, mitigation, network, risk, vulnerability, zero-day

Recent reports confirm the active exploitation of a critical zero-day vulnerability targeting Palo Alto Networks’ Next-Generation Firewalls (NGFW) management interfaces. While Palo Alto’s swift advisories and mitigation guidance offer a starting point for remediation, the broader implications of such vulnerabilities… First seen on securityintelligence.com Jump to article: securityintelligence.com/news/zero-day-exploits-underscore-rising-risks-for-internet-facing-interfaces/
Here’s Where Top Cybersecurity Vendors Stand as 2025 Nears

Dec 7, 2024 12:50 AM

Tags: crowdstrike, cybersecurity, firewall, ibm, network, saas, siem

Palo Alto, CrowdStrike, Zscaler Eye Firewall, SIEM Replacement, Incident Recovery Three of the world’s largest pure-play cybersecurity vendors recently reported earnings, grappling with SIEM and firewall displacement opportunities along with rebounding from a massive outage. Palo Alto Networks Continues to reap the benefits of buying IBM’s QRadar SaaS business. First seen on govinfosecurity.com Jump to…
Cybersecurity Insights with Contrast CISO David Lindner – 12/06/24

Dec 6, 2024 6:49 PM

Tags: ciso, control, cve, cybersecurity, defense, detection, firewall, malicious, nist, threat, tool, vulnerability
Cybersecurity Snapshot: Study Raises Open Source Security Red Flags, as Cyber Agencies Offer Prevention Tips Against Telecom Spying Attacks

Dec 6, 2024 6:49 PM

Tags: access, advisory, ai, attack, authentication, best-practice, breach, business, china, cisa, cloud, communications, compliance, computing, control, credentials, cyber, cybercrime, cybersecurity, data, data-breach, defense, detection, espionage, exploit, finance, firewall, fraud, government, group, guide, hacker, hacking, identity, infrastructure, insurance, international, Internet, interpol, iot, korea, law, least-privilege, linux, lockbit, login, malware, mfa, mitigation, mobile, network, open-source, password, phishing, privacy, ransomware, RedTeam, resilience, risk, router, scam, service, software, strategy, supply-chain, technology, theft, threat, tool, unauthorized, usa, vpn, vulnerability, windows

Don’t miss the Linux Foundation’s deep dive into open source software security. Plus, cyber agencies warn about China-backed cyber espionage campaign targeting telecom data. Meanwhile, a study shows the weight of security considerations in generative AI projects. And get the latest on ransomware trends, financial cybercrime and critical infrastructure security. Dive into six things that…
Introducing Private Locations: Securely Scan Your Internal Applications

Dec 6, 2024 6:49 PM

Tags: firewall, vpn

Secure your internal applications with Escape’s Private Locations. Scan behind firewalls or VPNs using Repeater”, no exposure, no compromises. First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/12/introducing-private-locations-securely-scan-your-internal-applications/
Navigating Firewall Security Policy Challenges in Technology Organizations: How FireMon Simplifies Complexity

Dec 6, 2024 6:48 AM

Tags: cloud, firewall, technology

In the technology sector, innovation and agility are key drivers of success. Organizations in this field lead the charge in adopting cutting-edge architectures like hybrid clouds, microservices, and DevSecOps practices…. First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/12/navigating-firewall-security-policy-challenges-in-technology-organizations-how-firemon-simplifies-complexity/
Securing cloud-native applications: Why a comprehensive API security strategy is essential

Dec 6, 2024 12:49 AM

Tags: access, ai, api, attack, authentication, automation, best-practice, breach, business, cloud, compliance, control, data, data-breach, ddos, detection, exploit, finance, firewall, gartner, guide, infrastructure, intelligence, malicious, microsoft, monitoring, open-source, programming, risk, risk-management, saas, service, strategy, threat, tool, unauthorized, vulnerability, waf

Despite their capabilities and benefits, cloud-native applications also present several security challenges. Application programming interfaces (APIs) are among the top areas of risk for these applications. This isn’t surprising. As organizations look to enhance connections between digital services and increase data sharing between modern applications and systems, APIs are proliferating rapidly across hybrid and multicloud…
Why Zero-Day Attacks Bypass Traditional Firewall Security: Defending Against Zero-Day’s like Palo Alto Networks CVE-2024-0012

Dec 5, 2024 9:50 PM

Tags: attack, cve, exploit, firewall, network, vulnerability, zero-day

Recently, Palo Alto Networks identified and patched a critical zero-day vulnerability in their next-generation firewalls (NGFWs). This vulnerability, tracked as CVE-2024-0012, allowed attackers to execute code on vulnerable devices remotely. This vulnerability has been actively exploited in attacks dubbed “Operation Lunar Peek.” First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/12/why-zero-day-attacks-bypass-traditional-firewall-security-defending-against-zero-days-like-palo-alto-networks-cve-2024-0012/
Solving networking and security challenges in the modern branch

Dec 5, 2024 6:50 PM

Tags: access, attack, automation, botnet, business, cloud, control, cybercrime, data, endpoint, exploit, firewall, Hardware, infrastructure, Internet, iot, malware, monitoring, network, office, risk, router, service, software, threat, tool, unauthorized, update, vulnerability, zero-trust

As organizations embrace digital transformation, branch offices have become critical hubs for innovation and operations. They host diverse devices, users, and cloud-enabled applications that drive business agility and customer engagement. However, the rapid expansion of branch infrastructures has introduced significant challenges, particularly in networking and security.The rise of Internet-of-Things (IoT) devices in branch locations is…
CISA Warns of Zyxel Firewalls, CyberPanel, North Grid, ProjectSend Flaws Exploited in Wild

Dec 5, 2024 12:48 PM

Tags: cisa, cve, cyber, cybersecurity, exploit, firewall, flaw, Hardware, infrastructure, mitigation, software, vulnerability, zyxel

The Cybersecurity and Infrastructure Security Agency (CISA) has issued warnings about several vulnerabilities being actively exploited in the wild. The vulnerabilities affect popular software and hardware products, including Zyxel firewalls, CyberPanel, North Grid, and ProjectSend. Organizations using these products are urged to apply mitigations immediately or discontinue usage if fixes are unavailable. CVE-2024-51378: CyberPanel Incorrect…
CISA, German cyber authorities warn Zyxel firewalls facing active exploitation

Dec 4, 2024 6:48 PM

Tags: cisa, cyber, exploit, firewall, ransomware, zyxel

Attackers have targeted dozens of companies with Helldown ransomware, researchers found. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-german-zyxel-firewalls-exploitation/734581/
Misconfigured WAFs Heighten DoS, Breach Risks

Dec 4, 2024 3:48 PM

Tags: breach, dos, firewall, network, risk, service, waf

Organizations that rely on their content delivery network provider for Web application firewall services may be inadvertently leaving themselves open to attack. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/misconfigured-wafs-heighten-dos-breach-risks
CISA Warns of Zyxel Firewall Vulnerability Exploited in Attacks

Dec 4, 2024 2:48 PM

Tags: attack, cisa, exploit, firewall, ransomware, vulnerability, zyxel

A second vulnerability in Zyxel firewalls has been exploited in Helldown ransomware attacks over the past weeks. The post CISA Warns of Zyxel Firewall Vulnerability Exploited in Attacks appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/cisa-warns-of-zyxel-firewall-vulnerability-exploited-in-attacks/
U.S. CISA adds ProjectSend, North Grid Proself, and Zyxel firewalls bugs to its Known Exploited Vulnerabilities catalog

Dec 4, 2024 9:48 AM

Tags: attack, cisa, cybersecurity, exploit, firewall, infrastructure, kev, vulnerability, zyxel

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds ProjectSend, North Grid Proself, and Zyxel firewalls bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: Proself versions before Ver5.62, Ver1.65, and Ver1.08 are vulnerable to XXE attacks, allowing unauthenticated attackers…
Talent overlooked: embracing neurodiversity in cybersecurity

Dec 4, 2024 8:48 AM

Tags: awareness, business, cisa, ciso, cloud, computing, corporate, cyber, cybersecurity, email, finance, firewall, flaw, framework, google, government, hacking, incident response, jobs, microsoft, mitre, office, sap, service, skills, technology, threat, tool, training, vulnerability

In cybersecurity, diverse perspectives help in addressing complex, emerging threats. Increasingly, there’s a push to recognize that neurodiversity brings significant value to cybersecurity. However, neurodiverse people frequently face systemic barriers that hinder their success in the field.Neurodiversity refers to the way some people’s brains work differently to the neurotypical brain. This includes autism, ADHD (attention…
SafeLine: Open-source web application firewall (WAF)

Dec 4, 2024 6:48 AM

Tags: cyber, firewall, open-source, waf

SafeLine is an open-source and self-hosted Web Application Firewall (WAF) that protects websites from cyber attacks. >>SafeLine WAF was created to protect web … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/12/04/safeline-open-source-web-application-firewall-waf/
CyberRatings report exposes critical flaws in cloud-native firewalls

Dec 3, 2024 9:48 PM

Tags: cloud, firewall, flaw

First seen on scworld.com Jump to article: www.scworld.com/brief/cyberratings-report-exposes-critical-flaws-in-cloud-native-firewalls
Want to be a cybersecurity pro? Use generative AI to get some simulated training

Dec 3, 2024 8:49 AM

Tags: access, ai, application-security, attack, authentication, awareness, backup, business, chatgpt, compliance, control, cve, cyber, cybercrime, cybersecurity, data, defense, detection, encryption, endpoint, firewall, group, guide, healthcare, HIPAA, infrastructure, intelligence, jobs, law, lockbit, mitigation, mitre, network, phishing, ransomware, risk, service, siem, skills, social-engineering, strategy, threat, tool, training, update, vulnerability

I often get approached by young, ambitious people looking to start a cybersecurity career. Some are studying cybersecurity in college, some are looking to jump from IT, and some believe that the field is synergistic with past experiences in law enforcement or the military.Regardless, all are looking for guidance as they struggle to find an…
Der Weg zum nachhaltigen Cyberschutz

Dec 3, 2024 5:48 AM

Tags: ai, authentication, ciso, cyberattack, cybersecurity, cyersecurity, detection, endpoint, firewall, hacking, healthcare, infrastructure, mfa, penetration-testing, update, usa