Security News
Zyxel's network storage boxes, business VPN gateways, firewalls, and, er, security scanners can be remotely hijacked by any miscreant, due to a devastating security hole in the firmware. If a miscreant can't directly connect to a vulnerable Zyxel device, "There are ways to trigger such crafted requests even if an attacker does not have direct connectivity to a vulnerable device," noted Carnegie Mellon's CERT Coordination Center in its advisory on the matter.
Zyxel's network storage boxes, business VPN gateways, firewalls, and, er, security scanners can be remotely hijacked by any miscreant, due to a devastating security hole in the firmware. If a miscreant can't directly connect to a vulnerable Zyxel device, "There are ways to trigger such crafted requests even if an attacker does not have direct connectivity to a vulnerable device," noted Carnegie Mellon's CERT Coordination Center in its advisory on the matter.
On Monday, networking hardware maker Zyxel released security updates to plug a critical security hole in its network attached storage devices that is being actively exploited by crooks who specialize in deploying ransomware. Today, Zyxel acknowledged the same flaw is present in many of its firewall products.
A threat actor - likely a state-sponsored cyberespionage group - has used a sophisticated technique to allow a piece of malware hosted on a server to communicate with command and control servers through a firewall. It's unclear exactly how the attackers planted the malware, but researchers believe they may have accessed the server through a dictionary attack on an exposed SSH port.
Zyxel Communications launched the ZyWALL VPN1000 VPN Firewall, an all-in-one security solution for small and medium businesses. The flagship of the growing Zyxel family of ZyWALL VPN firewalls, VPN1000 is an integrated security solution that combines a powerful firewall with high-performance VPN tunnel capabilities to protect the local network against threats and safeguard data communications between multiple locations or hybrid clouds.
Security provider Stellar Cyber, with the first Open-XDR platform, announced its new Firewall Traffic Analysis Application, which supercharges firewalls by analyzing their data to spot undetected anomalies. With this new App, security analysts get an automated assistant to detect firewall misconfigurations, malicious users and abnormal traffic to gain new value from firewall data, improving analyst productivity typically over 20x. The FTA Application supports firewalls from many vendors including Cisco, Check Point, Fortinet, Palo Alto Networks and Sophos.
Despite the inevitability of security-related incidents, few organizations currently protect against the spread of breaches with segmentation – only 19 percent of the 300 IT professionals surveyed...
By 2022, more than two-thirds of new cars on American roads will have online connections to their safety-critical system, putting them at risk of deadly hacks to vehicles’ “head” system, used...
Firewall Maintenance Needs Automation to Prevent Misconfiguration read more
A majority of IT staffers polled by firewall management service FireMon said they still use manual processes to manage changes.