Security News

ADTRAN announced its Internet of Things Gateway based on LoRaWAN technology. This micro-sized, Bluetooth-enabled gateway will enable LoRaWAN network operators, service providers, VARs and solution integrators to easily add support for growing enterprise IoT initiatives to their service portfolios and generate new revenue opportunities.

Dozens of defense companies, government agencies, and financial organizations in America and abroad appear to have been compromised by China via vulnerabilities in their Pulse Connect Secure VPN appliances - including a zero-day flaw that won't be patched until next month. On Tuesday, IT software supplier Ivanti, the parent of Pulse Secure, issued a wake-up call to its customers by revealing it looks as though select clients were compromised via their encrypted gateways.

Enterprise software developer Proxmox Server Solutions GmbH has released Proxmox Mail Gateway 6.4, the latest version of its open-source email security solution. Proxmox Mail Gateway is a complete operating system based on Debian Buster 10.9, but using Linux kernel 5.4.106, which is under long term support status.

An ongoing phishing operation that stole an estimated 400,000 OWA and Office 365 credentials since December has now expanded to abuse new legitimate services to bypass secure email gateways. The attacks are part of multiple phishing campaigns collectively dubbed the "Compact" Campaign, active since early 2020 first detected by the WMC Global Threat Intelligence Team.

Several vulnerabilities have been identified in Pepperl+Fuchs Comtrol IO-Link Master industrial gateways, including flaws that researchers claim can be exploited to gain root access to a device and create backdoors. A researcher at Austria-based cybersecurity consultancy SEC Consult discovered five types of vulnerabilities in Pepperl+Fuchs Comtrol industrial products, including cross-site request forgery, reflected cross-site scripting, blind command injection, and denial-of-service issues.

More than 100,000 Zyxel firewalls, VPN gateways, and access point controllers contain a hardcoded admin-level backdoor account that can grant attackers root access to devices via either the SSH interface or the web administration panel. Installing patches removes the backdoor account, which, according to Eye Control researchers, uses the "Zyfwp" username and the "PrOw!aN fXp" password.

CommScope announced it is expanding its industry leading Wi-Fi 6 home network gateway portfolio with the release of its NVG578LX 2.5G GPON Wi-Fi 6 residential gateway. The NVG578LX GPON home network gateway provides true gigabit speeds for the delivery of managed voice, video and data services.

Versa Networks announced a new capability connecting Versa Secure SD-WAN, on-premises, and cloud branches with applications and resources in Amazon Web Services using the new high-performance AWS Transit Gateway Connect feature, an AWS Transit Gateway attachment type that enables AWS customers to connect third-party SD-WAN hubs and network virtual appliances with AWS Transit Gateway. Versa Director now integrates with AWS Transit Gateway Connect APIs to deliver an automated, one-click solution for connecting Versa Secure SD-WAN, on-premises and multi-cloud branch locations to each other and with Amazon VPCs. Versa customers can now easily connect Versa Secure SD-WAN with AWS Transit Gateway for a high-performance and simplified connection between their branch offices, applications and resources in Amazon VPCs. The native integration with AWS Transit Gateway Connect allows customers to deploy high-bandwidth Versa Cloud Gateways in AWS leveraging the Versa centralized management and orchestration.

Hundreds of Tesla Powerwall Backup Gateways may have been exposed to remote hacker attacks from the internet, but Tesla says it has taken steps to reduce risks. Tesla Powerwall is an energy storage product for homes that uses a battery to store power from solar panels or the grid, ensuring that users continue to have power even during an outage.

IoT gateways are becoming an increasingly important link in the IoT security and device authentication value chain and emerging as a crucial conduit for intelligent operations across the entire IoT. The new wave of next-generation smart IoT gateways has arrived at an opportune time, enabling a breadth of novel security, intelligence, and authentication operations at the edge, causing IoT vendors to revisit their deployment and management strategies. According to ABI Research, there will be 21.4 million next-gen smart IoT gateways shipped in 2025.