Tag: firewall
-
Interlock group exploiting the CISCO FMC flaw CVE-2026-20131 36 days before disclosure
Tags: attack, cisco, cve, exploit, firewall, flaw, group, ransomware, rce, remote-code-execution, vulnerability, zero-day
The Interlock ransomware group has exploited a Cisco FMC zero-day RCE vulnerability in attacks since late January. The Interlock ransomware group has been exploiting a critical zero-day RCE vulnerability, tracked as CVE-2026-20131 (CVSS score of 10.0), in Cisco Secure Firewall Management Center (FMC) since late January. The vulnerability is a remote code execution flaw that…
-
Cisco Firewall Zero-Day Actively Exploited to Deliver Interlock Ransomware
Tags: cisco, cyber, exploit, firewall, flaw, network, ransomware, remote-code-execution, threat, vulnerability, zero-day
Security research has uncovered an active Interlock ransomware campaign exploiting a critical zero-day vulnerability in Cisco Secure Firewall Management Centre (FMC) software. Utilizing this unauthenticated remote code execution flaw via the Amazon MadPot network, threat actors compromised enterprise environments for over a month before public disclosure. Cisco Firewall Zero-Day: The intrusion campaign centers entirely on…
-
Cisco’s latest vulnerability spree has a more troubling pattern underneath
Cisco’s response to the latest SD-WAN and firewall defects has been fast, but the harder question is how long sophisticated actors had a head start, and what’s already compromised. First seen on cyberscoop.com Jump to article: cyberscoop.com/cisco-firewall-sd-wan-vulnerabilities-exploited/
-
Interlock Ransomware Exploited Cisco Firewall Flaw for Weeks
Tags: cisco, exploit, firewall, flaw, group, hacker, infrastructure, ransomware, software, usa, vulnerability
AWS Researchers Find an Interlock Server Laden With Tools. Ransomware hackers exploited a flaw with a maximum vulnerability score in Cisco firewall management software weeks before the networking giant disclosed the vulnerability in early March. The group has focused extensively on critical infrastructure sectors in North America and Europe. First seen on govinfosecurity.com Jump to…
-
Amazon security boss says crims abused max-security Cisco firewall flaw weeks before disclosure
Interlock’s post-exploit toolkit exposed First seen on theregister.com Jump to article: www.theregister.com/2026/03/18/amazon_cisco_firewall_0_day_ransomware/
-
Ransomware gang exploits Cisco flaw in zero-day attacks since January
Tags: attack, cisco, exploit, firewall, flaw, ransomware, remote-code-execution, software, vulnerability, zero-day
The Interlock ransomware gang has been exploiting a maximum severity remote code execution (RCE) vulnerability in Cisco’s Secure Firewall Management Center (FMC) software in zero-day attacks since late January. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/interlock-ransomware-exploited-secure-fmc-flaw-in-zero-day-attacks-since-january/
-
8 Best Application Firewall (WAF) Solutions for 2026
Find the best Web Application Firewall (WAF) solutions in 2026 to protect your apps. Compare top vendors, features, and deployment options. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/products/top-web-application-firewall-waf-vendors/
-
Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access
Tags: access, cisco, cve, exploit, firewall, flaw, intelligence, ransomware, threat, vulnerability, zero-day
Amazon Threat Intelligence is warning of an active Interlock ransomware campaign that’s exploiting a recently disclosed critical security flaw in Cisco Secure Firewall Management Center (FMC) Software. The vulnerability in question is CVE-2026-20131 (CVSS score: 10.0), a case of insecure deserialization of user-supplied Java byte stream, which could allow an unauthenticated, remote attacker to First seen…
-
Network change management: Why monitoring is so important for configuration changes in the network
IT administrators probably know the situation: they make a routine configuration change, and suddenly most of the network is down. After the change, half of the routers are unreachable, the entire office is offline, and a supposedly simple firewall update turns into an emergency. Adjustments to routers, switches or firewalls can also affect network performance and security policies…
-
Best Cloud Firewall Vendors for 2026
Cloud adoption didn’t simplify network security. It multiplied it. Today’s enterprises operate across data centers, hybrid environments, and multiple public clouds. Security teams now manage AWS security groups, Azure Firewall… First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/best-cloud-firewall-vendors-for-2026/
-
Heading to RSA Conference 2026? Mark your Calendar and Meet Thales!
Tags: access, ai, application-security, attack, communications, compliance, conference, container, control, cybersecurity, data, defense, firewall, framework, GDPR, google, HIPAA, iam, ibm, injection, LLM, malicious, risk, tool, vulnerability
Heading to RSA Conference 2026? Mark your Calendar and Meet Thales! madhav Tue, 03/17/2026 – 05:14 The countdown is on. From March 23-26, the cybersecurity community will gather once again at the Moscone Center in San Francisco, and Thales will be at the heart of it. Cybersecurity Chad Couser – Director Marketing Communications Thales More…
-
Runtime: The new frontier of AI agent security
Tags: access, ai, automation, ceo, ciso, computer, container, control, crowdstrike, cybersecurity, data, detection, edr, endpoint, firewall, framework, incident response, jobs, monitoring, network, openai, risk, saas, technology, threat, tool, vulnerability, zero-day
What runtime monitoring looks like: Once an organization knows where its agents are, the question is what to watch for, and how. Elia Zaitsev, CTO of CrowdStrike, tells CSO that existing endpoint detection and response (EDR) tools already capture the kinds of behavior needed to track AI agents. They instrument operating systems like a flight data…
-
New CondiBot Variant and ‘Monaco’ Miner Target More Network Devices
Over the past few years, the enterprise attack surface has shifted decisively toward network infrastructure, with attackers increasingly abusing routers, VPNs, firewalls, and other edge devices for initial access and long-term persistence. Research from Verizon and others has documented an almost eight-fold rise in exploitation of network and edge devices in recent years, with these…
-
FortiGate Firewall Exploitation Fuels Network Breaches in New Attack Wave
Tags: attack, breach, credentials, cve, cyber, cybersecurity, exploit, firewall, flaw, fortinet, network, threat, vulnerability
Cybersecurity defenders identified a surge in network breaches originating from compromised FortiGate Next-Generation Firewalls. According to incident responders at SentinelOne, threat actors exploit recent vulnerabilities to extract configuration files, steal credentials, and establish deep network footholds. Attackers are primarily leveraging flaws in Fortinet’s Single Sign-On mechanisms. Vulnerabilities like CVE-2025-59718, CVE-2025-59719, and the recently patched CVE-2026-24858…
-
The cyber perimeter was never dead. We just abandoned it.
Tags: access, advisory, authentication, awareness, backup, cisa, ciso, cloud, control, cyber, cybersecurity, data-breach, email, exploit, firewall, flaw, governance, government, Hardware, identity, infrastructure, Internet, resilience, risk, router, rust, service, software, strategy, technology, update, zero-trust
Industry has comforted itself with the idea that the perimeter is dead. It is not. What happened is far worse. We ignored the edge, let unsupported hardware decay in place, and effectively donated our perimeter to adversaries who were more than willing to accept it. The FBI’s Winter SHIELD effort is the operational side of the…
-
IO River Embraces Wasm to Enable Any WAF to Run on Any CDN
IO River this week revealed it is leveraging the portable WebAssembly (Wasm) binary instruction format to make it possible to deploy any web application firewall (WAF) on a content delivery network (CDN). Starting with running the Check Point WAF on the Akamai CDN service, the overall goal is to eliminate the need to acquire and…
-
The Threat Within: How Intelligent Detection Prevented a Potential Internal Malware Incident
Executive Overview Organizations often focus heavily on defending their perimeter against external attackers. Firewalls, threat intelligence feeds, and intrusion prevention systems are designed to stop threats attempting to break in from outside the network. However, experienced security professionals understand an important reality. Threats that originate from within the network can sometimes be more dangerous than…
-
Why zero trust breaks down in IoT and OT environments
Tags: access, attack, automation, breach, cloud, control, credentials, cyber, firewall, firmware, group, identity, infrastructure, iot, network, nist, resilience, risk, service, tool, update, zero-trust
The IoT and OT blind spot: IoT and OT environments consistently exhibit three characteristics that create persistent security blind spots. First, visibility is incomplete by design. Devices are frequently deployed by facilities teams, engineering groups, or third-party integrators rather than security organizations. Asset inventories lag reality. Telemetry is sparse, proprietary, or intermittent. Many devices communicate only…
-
Critical flaw in HPE Aruba CX switches lets attackers seize admin control without credentials
Tags: access, advisory, cisa, control, credentials, data, endpoint, exploit, firewall, flaw, infrastructure, kev, remote-code-execution, software, switch, update, vulnerability
Exposure spans campus to data center switching: The vulnerabilities affect AOS-CX software across four active version branches, spanning entry-level campus switches to data center-class hardware. Versions that reached the end of support before the advisory’s publication are also expected to be vulnerable, the advisory said. Organizations running AOS-CX 10.17.0001 and below, 10.16.1020 and below, 10.13.1160…
-
FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials
Tags: breach, credentials, cybersecurity, exploit, firewall, network, service, threat, vulnerability
Cybersecurity researchers are calling attention to a new campaign where threat actors are abusing FortiGate Next-Generation Firewall (NGFW) appliances as entry points to breach victim networks. The activity involves the exploitation of recently disclosed security vulnerabilities or weak credentials to extract configuration files containing service account credentials and network topology First seen on thehackernews.com Jump…
-
During training: AI agent unexpectedly bypasses firewall and mines crypto
A research team experimented with an AI agent and was surprised. Suspicious activity suddenly appeared on the network. First seen on golem.de Jump to article: www.golem.de/news/beim-training-ki-agent-umgeht-unerwartet-firewall-und-schuerft-kryptos-2603-206308.html

