Security News

2 million malicious emails bypassed secure email gateways in 12 months
2021-09-22 03:30

Two million malicious emails bypassed traditional email defenses, like secure email gateways, between July 2020-July 2021, according to data from Tessian. In this case, the malicious emails come from a trusted vendor or supplier's legitimate email address, and likely won't be flagged by a secure email gateway as suspicious.

Mozi IoT Botnet Now Also Targets Netgear, Huawei, and ZTE Network Gateways
2021-08-22 02:35

Mozi, a peer-to-peer botnet known to target IoT devices, has gained new capabilities that allow it to achieve persistence on network gateways manufactured by Netgear, Huawei, and ZTE, according to new findings. "Network gateways are a particularly juicy target for adversaries because they are ideal as initial access points to corporate networks," researchers at Microsoft Security Threat Intelligence Center and Section 52 at Azure Defender for IoT said in a technical write-up.

Bayshore Networks expands its Security Gateway portfolio with the release of NetWall 10GB USG
2021-06-11 00:00

Bayshore Networks announced an expansion of its NetWall family of Security Gateways with the immediate release of NetWall 10GB USG - Unilateral Security Gateway. NetWall 10BG USG for IT and OT is a high-speed hardware and software solution that creates a secure network segment when installed, shielding and isolating critical assets and sensitive networks from cyberattacks and misuse.

ADTRAN IoT Gateway based on LoRaWAN technology supports Smart Building applications
2021-04-22 01:30

ADTRAN announced its Internet of Things Gateway based on LoRaWAN technology. This micro-sized, Bluetooth-enabled gateway will enable LoRaWAN network operators, service providers, VARs and solution integrators to easily add support for growing enterprise IoT initiatives to their service portfolios and generate new revenue opportunities.

China broke into govt, defense, finance networks via zero-day in Pulse Secure VPN gateways? No way
2021-04-20 22:20

Dozens of defense companies, government agencies, and financial organizations in America and abroad appear to have been compromised by China via vulnerabilities in their Pulse Connect Secure VPN appliances - including a zero-day flaw that won't be patched until next month. On Tuesday, IT software supplier Ivanti, the parent of Pulse Secure, issued a wake-up call to its customers by revealing it looks as though select clients were compromised via their encrypted gateways.

Proxmox Mail Gateway 6.4: Protects orgs from spam, viruses, Trojans, and phishing emails
2021-03-31 01:15

Enterprise software developer Proxmox Server Solutions GmbH has released Proxmox Mail Gateway 6.4, the latest version of its open-source email security solution. Proxmox Mail Gateway is a complete operating system based on Debian Buster 10.9, but using Linux kernel 5.4.106, which is under long term support status.

Microsoft warns of phishing attacks bypassing email gateways
2021-03-23 17:40

An ongoing phishing operation that stole an estimated 400,000 OWA and Office 365 credentials since December has now expanded to abuse new legitimate services to bypass secure email gateways. The attacks are part of multiple phishing campaigns collectively dubbed the "Compact" Campaign, active since early 2020 first detected by the WMC Global Threat Intelligence Team.

Vulnerabilities Can Allow Hackers to Create Backdoors in Comtrol Industrial Gateways
2021-01-14 12:38

Several vulnerabilities have been identified in Pepperl+Fuchs Comtrol IO-Link Master industrial gateways, including flaws that researchers claim can be exploited to gain root access to a device and create backdoors. A researcher at Austria-based cybersecurity consultancy SEC Consult discovered five types of vulnerabilities in Pepperl+Fuchs Comtrol industrial products, including cross-site request forgery, reflected cross-site scripting, blind command injection, and denial-of-service issues.

Backdoor in Zyxel Firewalls and Gateways
2021-01-06 11:44

More than 100,000 Zyxel firewalls, VPN gateways, and access point controllers contain a hardcoded admin-level backdoor account that can grant attackers root access to devices via either the SSH interface or the web administration panel. Installing patches removes the backdoor account, which, according to Eye Control researchers, uses the "Zyfwp" username and the "PrOw!aN fXp" password.

CommScope releases NVG578LX 2.5G GPON Wi-Fi 6 residential gateway
2021-01-06 01:30

CommScope announced it is expanding its industry leading Wi-Fi 6 home network gateway portfolio with the release of its NVG578LX 2.5G GPON Wi-Fi 6 residential gateway. The NVG578LX GPON home network gateway provides true gigabit speeds for the delivery of managed voice, video and data services.