Security News
Security vendor SonicWall is warning customers to patch its enterprise secure VPN hardware to thwart an "Imminent ransomware campaign using stolen credentials" that's exploiting security holes in current models and those running legacy firmware. In a Thursday security notice, the company reported that researchers at Mandiant identified "Threat actors actively targeting" three SMA 100 models and nine older SRA-series secure VPN products no longer supported by SonicWall.
SonicWall announced three new high-performance firewall models for enterprises and large organizations - NSa 4700, NSa 6700 and NSsp 13700 - designed to accelerate network throughput, stop advanced cyberattacks like ransomware, and securely connect millions of users. The new SonicWall NSa 4700 and NSa 6700 next-generation firewalls deliver 18 and 36 Gbps of firewall throughput - three times the previous comparable SonicWall appliances.
A high-severity vulnerability patched recently by Fortinet in its FortiWeb web application firewall can be exploited to execute arbitrary commands. Rey Medov, a researcher at Russian enterprise cybersecurity firm Positive Technologies, discovered that the FortiWeb firewall - specifically its management interface - is affected by a vulnerability that can allow a remote, authenticated attacker to execute commands on the system via the SAML server configuration page.
Taiwanese networking equipment company Zyxel is warning customers of an ongoing attack targeting a "Small subset" of its security products such as firewall and VPN servers. Attributing the attacks to a "Sophisticated threat actor," the firm noted that the attacks single out appliances that have remote management or SSL VPN enabled, namely in the USG/ZyWALL, USG FLEX, ATP, and VPN series running on-premise ZLD firmware, implying that the targeted devices are publicly accessible over the internet.
New findings have emerged that shed light on a critical SonicWall vulnerability disclosed last year, which was initially thought to have been patched. In October last year, a critical stack-based Buffer Overflow vulnerability, tracked as CVE-2020-5135, was discovered affecting over 800,000 SonicWall VPNs. When exploited, the vulnerability allows unauthenticated remote attackers to execute arbitrary code on the impacted devices, or cause Denial of Service.
New findings have emerged that shed light on a critical SonicWall vulnerability disclosed last year, which was initially thought to have been patched. In October last year, a critical stack-based Buffer Overflow vulnerability, tracked as CVE-2020-5135, was discovered affecting over 800,000 SonicWall VPNs. When exploited, the vulnerability allows unauthenticated remote attackers to execute arbitrary code on the impacted devices, or cause Denial of Service.
The need for secure data access management is top-of-mind in the C-suite and boardroom. This is the only way to comply with evolving data privacy regulations such as GDPR and CCPA. According to Gartner, "As remote work increases access management tool adoption, and security controls shift to identity, the ability to secure access with AM strategies aligned with continuous adaptive risk and trust assessment is paramount."
SonicWall last week announced the availability of patches for a severe vulnerability in its Network Security Manager product. NSM is a firewall management application that provides the ability to monitor and manage all network security services from a single interface, as well as to automate tasks to improve security operations.
Cisco this week released patches for multiple vulnerabilities in Firepower Threat Defense software, including high-severity issues that could be exploited for arbitrary command execution or denial-of-service attacks. An attacker able to abuse it may execute arbitrary commands as root on the underlying OS. The flaw exists because user-supplied command arguments aren't sufficiently validated, and affects Firepower 4100 and Firepower 9300 series appliances.
Zyxel Networks announced the addition of the USG FLEX firewall series to its signature Nebula Cloud Networking solution. Equipped with the newly-released firmware version ZLD5.0, the USG FLEX firewalls add the robust, intelligent network security capability that establishes Nebula as the most comprehensive cloud networking solution for SMBs and MSPs. The distribution of the workforce, initially driven by COVID-19 restrictions, presents businesses with the challenge of providing critical connectivity to network resources and assets to remote employees outside of the main office.