Security News
Critical steps for a successful cyber security awareness campaign. Staff working remotely are at greater risk of compromising organizational security. Home connections are less secure. Employees...
An ongoing outage affects multiple Microsoft 365 services, blocking users from connecting to Exchange Online, Microsoft Teams, Outlook desktop clients, and OneDrive for Business. While Microsoft says that this incident has only affected customers in the EMEA region, users have been reporting server connection issues and sign-in failures worldwide.
Cisco commissioned Forrester Consulting to conduct a Total Economic Impact™ study and examine the potential return on investment enterprises may realize by deploying Secure Firewall. The purpose of this study is to provide readers with a framework to evaluate the potential financial impact of Secure Firewall on their organizations.
Traditional security architecture focused on a hardened perimeter with a vulnerable interior. Modern security practices focus instead on multiple key control points, such as the network, endpoints, applications, and identities.
Network firewalls are a critical line of defense in securing enterprise networks and protecting their vital data. The rapid transition to cloud infrastructure makes managing networks quite complex and cumbersome, leaving security and information technology teams with the overwhelming task of determining proper restrictions and access.
Often, organizations think of firewall security as a one-and-done type of solution. Let's break down a few questions that you and your team should be asking about firewall security to get a more accurate view into your network defense posture.
A sophisticated Chinese advanced persistent threat actor exploited a critical security vulnerability in Sophos' firewall product that came to light earlier this year to infiltrate an unnamed South Asian target as part of a highly-targeted attack. "The attacker implement[ed] an interesting web shell backdoor, create[d] a secondary form of persistence, and ultimately launch[ed] attacks against the customer's staff," Volexity said in a report.
Chinese hackers used a zero-day exploit for a critical-severity vulnerability in Sophos Firewall to compromise a company and breach cloud-hosted web servers operated by the victim.On March 25, Sophos published a security advisory about CVE-2022-1040, an authentication bypass vulnerability that affects the User Portal and Webadmin of Sophos Firewall and could be exploited to execute arbitrary code remotely.
Zyxel has released patches to address four security flaws affecting its firewall, AP Controller, and AP products to execute arbitrary operating system commands and steal select information. CVE-2022-26531 - Several input validation flaws in command line interface commands for some versions of firewall, AP controller, and AP devices that could be exploited to cause a system crash.
Zyxel has published a security advisory to warn admins about multiple vulnerabilities affecting a wide range of firewall, AP, and AP controller products. Large organizations use Zyxel products, and any exploitable flaws in them immediately capture the attention of threat actors.