firewall

Second Recently Patched Flaw Exploited to Hack Palo Alto Firewalls

CISA KEV, exploited, Featured, firewall, Palo Alto Networks, Vulnerabilities /

Second Recently Patched Flaw Exploited to Hack Palo Alto Firewalls 2025-02-21 at 13:21 By Eduard Kovacs Palo Alto Networks is warning customers that a second vulnerability patched in February is being exploited in attacks. The post Second Recently Patched Flaw Exploited to Hack Palo Alto Firewalls appeared first on SecurityWeek. This article is an excerpt […]

React to this headline:

Loading spinner

Second Recently Patched Flaw Exploited to Hack Palo Alto Firewalls Read More »

Palo Alto Networks Confirms Exploitation of Firewall Vulnerability

exploited, Featured, firewall, Palo Alto Networks, Vulnerabilities /

Palo Alto Networks Confirms Exploitation of Firewall Vulnerability 2025-02-18 at 13:20 By Eduard Kovacs Palo Alto Networks has confirmed that a recently patched firewall vulnerability tracked as CVE-2025-0108 is being actively exploited. The post Palo Alto Networks Confirms Exploitation of Firewall Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Palo Alto Networks Confirms Exploitation of Firewall Vulnerability Read More »

SonicWall Firewall Vulnerability Exploited After PoC Publication

exploited, firewall, SonicWall, Vulnerabilities, vulnerability /

SonicWall Firewall Vulnerability Exploited After PoC Publication 2025-02-14 at 14:36 By Ionut Arghire The exploitation of a recent SonicWall vulnerability has started shortly after proof-of-concept (PoC) code was published. The post SonicWall Firewall Vulnerability Exploited After PoC Publication appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this

React to this headline:

Loading spinner

SonicWall Firewall Vulnerability Exploited After PoC Publication Read More »

Hackers Exploit Palo Alto Firewall Vulnerability Day After Disclosure

exploited, firewall, Palo Alto Networks, Vulnerabilities /

Hackers Exploit Palo Alto Firewall Vulnerability Day After Disclosure 2025-02-14 at 13:24 By Eduard Kovacs Attempts to exploit CVE-2024-0108, an authentication bypass vulnerability in Palo Alto firewalls, started one day after disclosure.  The post Hackers Exploit Palo Alto Firewall Vulnerability Day After Disclosure appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Hackers Exploit Palo Alto Firewall Vulnerability Day After Disclosure Read More »

Palo Alto Networks Patches Potentially Serious Firewall Vulnerability

firewall, Palo Alto Networks, PAN-OS, Vulnerabilities, vulnerability /

Palo Alto Networks Patches Potentially Serious Firewall Vulnerability 2025-02-13 at 14:05 By Eduard Kovacs Palo Alto Networks has published 10 new security advisories, including one for a high-severity firewall authentication bypass vulnerability. The post Palo Alto Networks Patches Potentially Serious Firewall Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Palo Alto Networks Patches Potentially Serious Firewall Vulnerability Read More »

PAN-OS authentication bypass hole plugged, PoC is public (CVE-2025-0108)

Assetnote, Don't miss, exploit, firewall, Hot stuff, News, Palo Alto Networks, PoC, security update /

PAN-OS authentication bypass hole plugged, PoC is public (CVE-2025-0108) 2025-02-13 at 13:17 By Zeljka Zorz Palo Alto Networks has fixed a high-severity authentication bypass vulnerability (CVE-2025-0108) in the management web interface of its next-gen firewalls, a proof-of-concept exploit (PoC) for which has been made public. “Palo Alto Networks is not aware of any malicious exploitation

React to this headline:

Loading spinner

PAN-OS authentication bypass hole plugged, PoC is public (CVE-2025-0108) Read More »

48,000+ internet-facing Fortinet firewalls still open to attack

Arctic Wolf Networks, Asia, Don't miss, enterprise, firewall, Fortinet, Hot stuff, Kroll, News, Shadowserver, USA /

48,000+ internet-facing Fortinet firewalls still open to attack 2025-01-22 at 14:34 By Zeljka Zorz Despite last week’s confirmation of and warnings about long-standing exploitation of CVE-2024-55591, a critical vulnerability affecting Fortinet Fortigate firewalls, too many vulnerable devices are still accessible from the Internet and open to attack: over 48,000, according to data from the Shadowserver

React to this headline:

Loading spinner

48,000+ internet-facing Fortinet firewalls still open to attack Read More »

Configuration files for 15,000 Fortinet firewalls leaked. Are yours among them?

CloudSEK, cybercriminals, Data leak, Don't miss, enterprise, firewall, Fortinet, Germany, healthcare, Hot stuff, News, USA /

Configuration files for 15,000 Fortinet firewalls leaked. Are yours among them? 2025-01-16 at 13:03 By Zeljka Zorz A threat actor has leaked configuration files (aka configs) for over 15,000 Fortinet Fortigate firewalls and associated admin and user credentials. The collection has been leaked on Monday and publicized on an underground forum by the threat actor

React to this headline:

Loading spinner

Configuration files for 15,000 Fortinet firewalls leaked. Are yours among them? Read More »

Fortinet fixes FortiOS zero-day exploited by attackers for months (CVE-2024-55591)

0-day, Arctic Wolf Networks, Don't miss, enterprise, firewall, Fortinet, Hot stuff, News /

Fortinet fixes FortiOS zero-day exploited by attackers for months (CVE-2024-55591) 2025-01-14 at 19:21 By Zeljka Zorz Fortinet has patched an authentication bypass vulnerability (CVE-2024-55591) affecting its FortiOS firewalls and FortiProxy web gateways that’s being exploited by attackers to compromise publicly-exposed FortiGate firewalls. While Fortinet acknowledged in-the-wild exploitation in the accompanying security advisory, they did share

React to this headline:

Loading spinner

Fortinet fixes FortiOS zero-day exploited by attackers for months (CVE-2024-55591) Read More »

SafeLine: Open-source web application firewall (WAF)

Don't miss, firewall, GitHub, Hot stuff, News, open source, software, web application security /

SafeLine: Open-source web application firewall (WAF) 2024-12-04 at 07:38 By Mirko Zorz SafeLine is an open-source and self-hosted Web Application Firewall (WAF) that protects websites from cyber attacks. “SafeLine WAF was created to protect web applications for small and medium-sized enterprises from cyber threats by monitoring and filtering HTTP/HTTPS traffic. More importantly, with the widespread

React to this headline:

Loading spinner

SafeLine: Open-source web application firewall (WAF) Read More »

2,000 Palo Alto Networks devices compromised in latest attacks

CVE, Don't miss, enterprise, firewall, Hot stuff, India, News, Palo Alto Networks, Shadowserver, USA /

2,000 Palo Alto Networks devices compromised in latest attacks 2024-11-21 at 13:27 By Zeljka Zorz Attackers have compromised around 2,000 Palo Alto Networks firewalls by leveraging the two recently patched zero-days (CVE-2024-0012 and CVE-2024-9474), Shadowserver Foundation’s internet-wide scanning has revealed. Compromised devices are predominantly located in the US and India, the nonprofit says. Manual and

React to this headline:

Loading spinner

2,000 Palo Alto Networks devices compromised in latest attacks Read More »

Attackers are exploiting 2 zero-days in Palo Alto Networks firewalls (CVE-2024-0012, CVE-2024-9474)

0-day, CVE, Don't miss, enterprise, firewall, Hot stuff, News, Palo Alto Networks /

Attackers are exploiting 2 zero-days in Palo Alto Networks firewalls (CVE-2024-0012, CVE-2024-9474) 2024-11-18 at 17:33 By Zeljka Zorz Palo Alto Networks has released fixes for two vulnerabilities (CVE-2024-0012 and CVE-2024-9474) in its next-generation firewalls that have been exploited by attackers as zero-days. About the vulnerabilities (CVE-2024-0012, CVE-2024-9474) CVE-2024-0012 stems from missing authentication for a critical

React to this headline:

Loading spinner

Attackers are exploiting 2 zero-days in Palo Alto Networks firewalls (CVE-2024-0012, CVE-2024-9474) Read More »

Palo Alto Networks firewalls, Expedition under attack (CVE-2024-9463, CVE-2024-9465)

Censys, CISA, configuration management, Don't miss, enterprise, firewall, Horizon3.ai, Hot stuff, News, Palo Alto Networks /

Palo Alto Networks firewalls, Expedition under attack (CVE-2024-9463, CVE-2024-9465) 2024-11-15 at 13:16 By Zeljka Zorz Attackers have been spotted exploiting two additional vulnerabilities (CVE-2024-9463, CVE-2024-9465) in Palo Alto Networks’ Expedition firewall configuration migration tool, CISA has confirmed on Thursday. About the vulnerabilities (CVE-2024-9463, CVE-2024-9465) CVE-2024-9463 allows unauthenticated attackers to run arbitrary OS commands as root

React to this headline:

Loading spinner

Palo Alto Networks firewalls, Expedition under attack (CVE-2024-9463, CVE-2024-9465) Read More »

Enhancing firewall management with automation tools

automation, Compliance, cybersecurity, Don't miss, Features, firewall, Hot stuff, News, opinion, Tufin /

Enhancing firewall management with automation tools 2024-10-02 at 08:01 By Mirko Zorz In this Help Net Security interview, Raymond Brancato, CEO at Tufin, discusses the considerations organizations must weigh when selecting a next-generation firewall to effectively balance security needs with network performance. What factors should organizations prioritize when selecting a next-generation firewall to balance security

React to this headline:

Loading spinner

Enhancing firewall management with automation tools Read More »

CISA confirms that SonicWall vulnerability is getting exploited (CVE-2024-40766)

Arctic Wolf Networks, CISA, Don't miss, firewall, Hot stuff, News, Ransomware, Rapid7, SonicWall, vulnerability /

CISA confirms that SonicWall vulnerability is getting exploited (CVE-2024-40766) 2024-09-10 at 15:31 By Zeljka Zorz The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2024-40766 – a recently fixed improper access control vulnerability affecting SonicWall’s firewalls – to its Known Exploited Vulnerabilities catalog, thus confirming it is being actively exploited by attackers. Though the

React to this headline:

Loading spinner

CISA confirms that SonicWall vulnerability is getting exploited (CVE-2024-40766) Read More »

Recent SonicWall Firewall Vulnerability Potentially Exploited in the Wild

exploited, firewall, SonicWall, Vulnerabilities /

Recent SonicWall Firewall Vulnerability Potentially Exploited in the Wild 2024-09-06 at 16:17 By Eduard Kovacs SonicWall is warning customers that the recently patched critical vulnerability CVE-2024-40766 may be exploited in the wild. The post Recent SonicWall Firewall Vulnerability Potentially Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Recent SonicWall Firewall Vulnerability Potentially Exploited in the Wild Read More »

Critical flaw in Zyxel’s secure routers allows OS command execution via cookie (CVE-2024-7261)

access point, consumer, Don't miss, firewall, Hot stuff, ISP, News, router, security update, SMBs, vulnerability, Zyxel /

Critical flaw in Zyxel’s secure routers allows OS command execution via cookie (CVE-2024-7261) 2024-09-03 at 16:01 By Zeljka Zorz Zyxel has patched a myriad of vulnerabilities in its various networking devices, including a critical one (CVE-2024-7261) that may allow unauthenticated attackers to execute OS commands on many Zyxel access points (APs) and security routers by

React to this headline:

Loading spinner

Critical flaw in Zyxel’s secure routers allows OS command execution via cookie (CVE-2024-7261) Read More »

SonicWall patches critical flaw affecting its firewalls (CVE-2024-40766)

access control, CVE, Don't miss, firewall, Hot stuff, News, security update, SonicWall, vulnerability /

SonicWall patches critical flaw affecting its firewalls (CVE-2024-40766) 2024-08-26 at 21:32 By Zeljka Zorz SonicWall has patched a critical vulnerability (CVE-2024-40766) in its next-gen firewalls that could allow remote attackers unauthorized access to resources and, in specific conditions, to crash the appliances. About CVE-2024-40766 CVE-2024-40766 is an improper access control vulnerability in the “SonicWall SonicOS

React to this headline:

Loading spinner

SonicWall patches critical flaw affecting its firewalls (CVE-2024-40766) Read More »

How network segmentation can strengthen visibility in OT networks

communication, cybersecurity, DirectDefense, Don't miss, Expert analysis, Expert corner, firewall, Hot stuff, network, News, opinion, Risk Management, strategy, vulnerability management /

How network segmentation can strengthen visibility in OT networks 2024-08-08 at 07:31 By Help Net Security What role does the firewall play in the protection of operational technology (OT) networks and systems? Many would say that it’s the defensive mechanism to protect that environment from IT and the outside world. For the operators responsible for

React to this headline:

Loading spinner

How network segmentation can strengthen visibility in OT networks Read More »

NethSecurity: Open-source Linux firewall

Don't miss, firewall, Hot stuff, Linux, News, open source, software /

NethSecurity: Open-source Linux firewall 2024-06-03 at 07:31 By Mirko Zorz NethSecurity is a free, open-source Linux firewall that simplifies network security deployment. It integrates various security features into one platform, including firewalling, intrusion detection and prevention, antivirus, multi-WAN, DNS, and content filtering. NethSecurity has an intuitive interface that delivers real-time insights and control over network

React to this headline:

Loading spinner

NethSecurity: Open-source Linux firewall Read More »

Scroll to Top