Security News

Cisco bug can let hackers crash Cisco Secure Email gateways
2022-02-17 16:26

Cisco has addressed a high severity vulnerability that could allow remote attackers to crash Cisco Secure Email appliances using maliciously crafted email messages. The security flaw was found in DNS-based Authentication of Named Entities, a Cisco AsyncOS Software component used by Cisco Secure Email to check emails for spam, phishing, malware, and other threats.

Cambodia cans critics of its snoopy Internet Gateway, says every nation has one
2022-02-15 06:58

Cambodia's Ministry of Foreign Affairs and International Cooperation has issued a clarification about the role of the "National Internet Gateway" that will commence operations tomorrow, stating that descriptions of it as an instrument of pervasive surveillance are "Unfounded." A Ministry spokesperson insists the Gateway is actually an instrument to "Strengthen national security and tax collection as well as to maintain social order and protect national culture."

2 million malicious emails bypassed secure email gateways in 12 months
2021-09-22 03:30

Two million malicious emails bypassed traditional email defenses, like secure email gateways, between July 2020-July 2021, according to data from Tessian. In this case, the malicious emails come from a trusted vendor or supplier's legitimate email address, and likely won't be flagged by a secure email gateway as suspicious.

Mozi IoT Botnet Now Also Targets Netgear, Huawei, and ZTE Network Gateways
2021-08-22 02:35

Mozi, a peer-to-peer botnet known to target IoT devices, has gained new capabilities that allow it to achieve persistence on network gateways manufactured by Netgear, Huawei, and ZTE, according to new findings. "Network gateways are a particularly juicy target for adversaries because they are ideal as initial access points to corporate networks," researchers at Microsoft Security Threat Intelligence Center and Section 52 at Azure Defender for IoT said in a technical write-up.

Bayshore Networks expands its Security Gateway portfolio with the release of NetWall 10GB USG
2021-06-11 00:00

Bayshore Networks announced an expansion of its NetWall family of Security Gateways with the immediate release of NetWall 10GB USG - Unilateral Security Gateway. NetWall 10BG USG for IT and OT is a high-speed hardware and software solution that creates a secure network segment when installed, shielding and isolating critical assets and sensitive networks from cyberattacks and misuse.

ADTRAN IoT Gateway based on LoRaWAN technology supports Smart Building applications
2021-04-22 01:30

ADTRAN announced its Internet of Things Gateway based on LoRaWAN technology. This micro-sized, Bluetooth-enabled gateway will enable LoRaWAN network operators, service providers, VARs and solution integrators to easily add support for growing enterprise IoT initiatives to their service portfolios and generate new revenue opportunities.

China broke into govt, defense, finance networks via zero-day in Pulse Secure VPN gateways? No way
2021-04-20 22:20

Dozens of defense companies, government agencies, and financial organizations in America and abroad appear to have been compromised by China via vulnerabilities in their Pulse Connect Secure VPN appliances - including a zero-day flaw that won't be patched until next month. On Tuesday, IT software supplier Ivanti, the parent of Pulse Secure, issued a wake-up call to its customers by revealing it looks as though select clients were compromised via their encrypted gateways.

Proxmox Mail Gateway 6.4: Protects orgs from spam, viruses, Trojans, and phishing emails
2021-03-31 01:15

Enterprise software developer Proxmox Server Solutions GmbH has released Proxmox Mail Gateway 6.4, the latest version of its open-source email security solution. Proxmox Mail Gateway is a complete operating system based on Debian Buster 10.9, but using Linux kernel 5.4.106, which is under long term support status.

Microsoft warns of phishing attacks bypassing email gateways
2021-03-23 17:40

An ongoing phishing operation that stole an estimated 400,000 OWA and Office 365 credentials since December has now expanded to abuse new legitimate services to bypass secure email gateways. The attacks are part of multiple phishing campaigns collectively dubbed the "Compact" Campaign, active since early 2020 first detected by the WMC Global Threat Intelligence Team.

Vulnerabilities Can Allow Hackers to Create Backdoors in Comtrol Industrial Gateways
2021-01-14 12:38

Several vulnerabilities have been identified in Pepperl+Fuchs Comtrol IO-Link Master industrial gateways, including flaws that researchers claim can be exploited to gain root access to a device and create backdoors. A researcher at Austria-based cybersecurity consultancy SEC Consult discovered five types of vulnerabilities in Pepperl+Fuchs Comtrol industrial products, including cross-site request forgery, reflected cross-site scripting, blind command injection, and denial-of-service issues.