Turning plain language into firewall rules 2026-01-06 at 09:00 By Sinisa Markovic Firewall rules often begin as a sentence in someone’s head. A team needs access to an application. A service needs to be blocked after hours. Translating those ideas into vendor specific firewall syntax usually involves detailed knowledge of zones, objects, ports, and rule […]
Turning plain language into firewall rules Read More »
WatchGuard Patches Firebox Zero-Day Exploited in the Wild 2025-12-22 at 15:09 By Ionut Arghire The critical-severity bug in the Fireware OS’s iked process leads to unauthenticated remote code execution. The post WatchGuard Patches Firebox Zero-Day Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
WatchGuard Patches Firebox Zero-Day Exploited in the Wild Read More »
WatchGuard Firebox firewalls under attack (CVE-2025-14733) 2025-12-22 at 13:24 By Zeljka Zorz More than 115,000 internet-facing WatchGuard Firebox firewalls may be vulnerable to compromise via CVE-2025-14733, a remote code execution vulnerability actively targeted by attackers, Shadowserver’s latest scanning reveals. About CVE-2025-14733 WatchGuard Firebox firewalls, which also incorporate VPN and unified threat management capabilities, are used
WatchGuard Firebox firewalls under attack (CVE-2025-14733) Read More »
Anubis: Open-source web AI firewall to protect from scraper bots 2025-12-22 at 08:49 By Sinisa Markovic Anubis is an open-source tool designed to protect websites from automated scraping and abusive traffic by adding computational friction before a request is served. Maintained by TecharoHQ, the project targets a growing problem for site operators who want to
Anubis: Open-source web AI firewall to protect from scraper bots Read More »
Attackers are exploiting auth bypass vulnerability on FortiGate firewalls (CVE-2025-59718) 2025-12-17 at 16:31 By Zeljka Zorz Attackers are exploiting a recently revealed vulnerability (CVE-2025-59718) to bypass authentication on Fortinet’s FortiGate firewalls, and are leveraging the achieved access to export their system configuration files, Arctic Wolf researchers warned on Tuesday. Configuration files can expose information about
Product showcase: GlassWire mobile firewall for Android 2025-12-16 at 08:10 By Anamarija Pogorelec GlassWire is a free network monitoring and security application for Windows and Android. It lets you see how your system communicates over the internet and local network. The Windows version also offers a Premium tier with advanced features, while the Android app
Product showcase: GlassWire mobile firewall for Android Read More »
Portmaster: Open-source application firewall 2025-12-03 at 08:11 By Anamarija Pogorelec Portmaster is a free and open source application firewall built to monitor and control network activity on Windows and Linux. The project is developed in the EU and is designed to give users stronger privacy without asking them to manage every rule by hand. A
Portmaster: Open-source application firewall Read More »
SonicWall Patches High-Severity Flaws in Firewalls, Email Security Appliance 2025-11-21 at 14:41 By Ionut Arghire The vulnerabilities could be exploited to cause a denial-of-service (DoS) condition, execute arbitrary code, or access arbitrary files and directories. The post SonicWall Patches High-Severity Flaws in Firewalls, Email Security Appliance appeared first on SecurityWeek. This article is an excerpt
SonicWall Patches High-Severity Flaws in Firewalls, Email Security Appliance Read More »
Critical WatchGuard Firebox Vulnerability Exploited in Attacks 2025-11-13 at 14:40 By Ionut Arghire Tracked as CVE-2025-9242 (CVSS score of 9.3), the flaw leads to unauthenticated, remote code execution on vulnerable firewalls. The post Critical WatchGuard Firebox Vulnerability Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Critical WatchGuard Firebox Vulnerability Exploited in Attacks Read More »
SonicWall cloud backup hack was the work of a state actor 2025-11-06 at 15:30 By Zeljka Zorz Incident responders from Mandiant have wrapped up their investigation into the SonicWall cloud backup service hack, and the verdict is in: the culprit is a state-sponsored threat actor (though the specific nation wasn’t disclosed). “[The incident] was isolated
SonicWall cloud backup hack was the work of a state actor Read More »
Attackers compromised ALL SonicWall firewall configuration backup files 2025-10-09 at 15:41 By Zeljka Zorz The attackers who brute-forced their way into SonicWall’s firewall cloud backup service accessed configuration backup files of all customers who have used the service, SonicWall stated on Wednesday, following the conclusion of a Mandiant-supported investigation into the incident. Early reports suggested
Attackers compromised ALL SonicWall firewall configuration backup files Read More »
All SonicWall Cloud Backup Users Had Firewall Configurations Stolen 2025-10-09 at 11:30 By Ionut Arghire In early September, hackers stole the firewall configuration backup files stored using the MySonicWall service. The post All SonicWall Cloud Backup Users Had Firewall Configurations Stolen appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
All SonicWall Cloud Backup Users Had Firewall Configurations Stolen Read More »
Too many Cisco ASA firewalls still unsecure despite zero-day attack alerts 2025-10-01 at 13:36 By Zeljka Zorz Despite Cisco and various cybersecurity agencies warning about attackers actively exploting zero-day vulnerabilities (CVE-2025-20333 and CVE-2025-20362) in Cisco Adaptive Security Appliances (ASA) for months, there are still around 48,000 vulnerable appliances out there. The number is provided by
Too many Cisco ASA firewalls still unsecure despite zero-day attack alerts Read More »
Cisco ASA zero-day vulnerabilities exploited in sophisticated attacks 2025-09-26 at 14:19 By Zeljka Zorz A widespread campaign aimed at breaching organizations via zero-day vulnerabilities in Cisco Adaptive Security Appliances (ASA) has been revealed by the US, UK, Canadian and Australian cybersecurity agencies. The suspected state-sponsored threat actor behind it is believed to be the one
Cisco ASA zero-day vulnerabilities exploited in sophisticated attacks Read More »
Cisco Firewall Zero-Days Exploited in China-Linked ArcaneDoor Attacks 2025-09-26 at 10:20 By Ionut Arghire Leading to remote code execution and privilege escalation, the flaws were exploited on Cisco ASA 5500-X series devices that lack secure boot. The post Cisco Firewall Zero-Days Exploited in China-Linked ArcaneDoor Attacks appeared first on SecurityWeek. This article is an excerpt
Cisco Firewall Zero-Days Exploited in China-Linked ArcaneDoor Attacks Read More »
SonicWall says attackers compromised some firewall configuration backup files 2025-09-18 at 18:49 By Zeljka Zorz Between attackers exploiting 0-day and n-day vulnerabilities in the company’s firewalls and Secure Mobile Access appliances, SonicWall and its customers have had a tough year. And, unfortunately for them, the troubles are not over: unknown attackers have managed to brute-force
SonicWall says attackers compromised some firewall configuration backup files Read More »
SonicWall Prompts Password Resets After Hackers Obtain Firewall Configurations 2025-09-18 at 13:33 By Ionut Arghire The company sent a new preferences file to less than 5% of customers, urging them to import it into firewalls and reset their passwords. The post SonicWall Prompts Password Resets After Hackers Obtain Firewall Configurations appeared first on SecurityWeek. This
SonicWall Prompts Password Resets After Hackers Obtain Firewall Configurations Read More »
Brute-force attacks hammer Fortinet devices worldwide 2025-08-14 at 17:05 By Zeljka Zorz A surge in brute-force attempts targeting Fortinet SSL VPNs that was spotted earlier this month could be a portent of imminent attacks leveraging currently undisclosed (potentially zero-day) vulnerabilities in Fortinet devices. Shifting attacks Greynoise, a cybersecurity intelligence service that through its global network
Brute-force attacks hammer Fortinet devices worldwide Read More »
SonicWall Says Recent Attacks Don’t Involve Zero-Day Vulnerability 2025-08-07 at 20:23 By Eduard Kovacs SonicWall has been investigating reports about a zero-day potentially being exploited in ransomware attacks, but found no evidence of a new vulnerability. The post SonicWall Says Recent Attacks Don’t Involve Zero-Day Vulnerability appeared first on SecurityWeek. This article is an excerpt
SonicWall Says Recent Attacks Don’t Involve Zero-Day Vulnerability Read More »
SonicWall: Attackers did not exploit zero-day vulnerability to compromise Gen 7 firewalls 2025-08-07 at 14:34 By Zeljka Zorz Akira ransomware affiliates are not leveraging an unknown, zero-day vulnerability in SonicWall Gen 7 firewalls to breach corporate networks, the security vendor shared today. “Instead, there is a significant correlation with threat activity related to CVE-2024-40766, which