Security News

Zyxel Firewall Devices Vulnerable to Remote Code Execution Attacks — Patch Now
2023-04-28 11:41

Networking equipment maker Zyxel has released patches for a critical security flaw in its firewall devices that could be exploited to achieve remote code execution on affected systems. "Improper error message handling in some firewall versions could allow an unauthenticated attacker to execute some OS commands remotely by sending crafted packets to an affected device," Zyxel said in an advisory on April 25, 2023.

Thousands of Sophos firewalls still vulnerable out there to hijacking
2023-01-18 23:30

More than 4,000 public-facing Sophos firewalls remain vulnerable to a critical remote code execution bug disclosed last year and patched months later, according to security researchers. The flaw, CVE-2022-3236, had already been exploited as a zero-day when Sophos published a security advisory about the vulnerability in September 2022.

Over 4,000 Sophos Firewall devices vulnerable to RCE attacks
2023-01-17 18:53

Over 4,000 Sophos Firewall devices exposed to Internet access are vulnerable to attacks targeting a critical remote code execution vulnerability. Sophos disclosed this code injection flaw found in the User Portal and Webadmin of Sophos Firewall in September and also released hotfixes for multiple Sophos Firewall versions.

Malicious PyPI Packages Using Cloudflare Tunnels to Sneak Through Firewalls
2023-01-09 08:47

In yet another campaign targeting the Python Package Index repository, six malicious packages have been found deploying information stealers on developer systems. The malicious code, as is increasingly the case, is concealed in the setup script of these libraries, meaning running a "Pip install" command is enough to activate the malware deployment process.

Malicious PyPi packages create CloudFlare Tunnels to bypass firewalls
2023-01-07 15:12

Six malicious packages on PyPI, the Python Package Index, were found installing information-stealing and RAT malware while using Cloudflare Tunnel to bypass firewall restrictions for remote access. The malicious packages attempt to steal sensitive user information stored in browsers, run shell commands, and use keyloggers to steal typed secrets.

Advanced Threat Prevention with VMware NSX Distributed Firewall
2022-12-19 11:00

We and our store and/or access information on a device, such as cookies and process personal data, such as unique identifiers and standard information sent by a device for personalised ads and content, ad and content measurement, and audience insights, as well as to develop and improve products. With your permission we and our partners may use precise geolocation data and identification through device scanning.

Internal Firewalls for Dummies Guide
2022-12-18 11:00

Organizations can no longer rely on edge firewalls alone to provide network security. Once attackers get past an edge firewall, they can move laterally to high-value assets.

Researchers Detail New Attack Method to Bypass Popular Web Application Firewalls
2022-12-10 06:18

A new attack method can be used to circumvent web application firewalls of various vendors and infiltrate systems, potentially enabling attackers to gain access to sensitive business and customer information. Web application firewalls are a key line of defense to help filter, monitor, and block HTTP(S) traffic to and from a web application, and safeguard against attacks such as cross-site forgery, cross-site-scripting, file inclusion, and SQL injection.

Week in review: 3FA, Fortinet firewalls under attack, and the riskiest connected devices
2022-10-16 08:30

Lack of transparency, systemic risks weaken national cybersecurity preparednessBob Kolasky, SVP for Critical Infrastructure at Exiger, previously served as Assistant Director for Cybersecurity and Infrastructure Security Agency, and in this Help Net Security interview talks about protecting critical infrastructure, the importance of information-sharing, national cybersecurity preparedness, and more. Weakness in Microsoft Office 365 Message Encryption could expose email contentsWithSecure researchers are warning organizations of a security weakness in Microsoft Office 365 Message Encryption that could be exploited by attackers to obtain sensitive information.

Researchers release PoC for Fortinet firewall flaw, exploitation attempts mount
2022-10-14 14:06

Ai researchers have released a PoC exploit for CVE-2022-40684, the authentication bypass vulnerability affecting Fortinet's firewalls and secure web gateways, and soon after exploitation attempts started rising. " , the Wordfence Threat Intelligence team began tracking exploit attempts targeting CVE-2022-40684 on our network of over 4 million protected websites," Wordfence threat analyst Ram Gall shared.