EOL Sophos firewalls get hotfix for old but still exploited vulnerability (CVE-2022-3236) 13/12/2023 at 14:17 By Zeljka Zorz Over a year has passed since Sophos delivered patches for a vulnerability affecting Sophos Firewalls (CVE-2022-3236) that was being actively exploited by attackers, and now they have pushed additional ones to protect vulnerable EOL devices. “In December […]
React to this headline:
Bridging the gap between cloud vs on-premise security 01/12/2023 at 08:03 By Help Net Security With the proliferation of SaaS applications, remote work and shadow IT, organizations feel obliged to embrace cloud-based cybersecurity. And rightly so, because the corporate resources, traffic, and threats are no longer confined within the office premises. Cloud-based security initiatives, such
React to this headline:
Bridging the gap between cloud vs on-premise security Read More »
Major Security Flaws in Zyxel Firewalls, Access Points, NAS Devices 30/11/2023 at 20:18 By Ryan Naraine Zyxel patches at least 15 security flaws that expose users to authentication bypass, command injection and denial-of-service attacks. The post Major Security Flaws in Zyxel Firewalls, Access Points, NAS Devices appeared first on SecurityWeek. This article is an excerpt
React to this headline:
Major Security Flaws in Zyxel Firewalls, Access Points, NAS Devices Read More »
Juniper networking devices under attack 14/11/2023 at 16:46 By Zeljka Zorz CISA has ordered US federal agencies to patch five vulnerabilities used by attackers to compromise Juniper networking devices, and to do so by Friday. Most of these bugs are not particularly severe by themselves, but they can be – and have been – chained
React to this headline:
Juniper networking devices under attack Read More »
Collaborative strategies are key to enhanced ICS security 14/11/2023 at 08:32 By Mirko Zorz In this Help Net Security interview, Marko Gulan, Cyber Security Consultant at Schneider Electric, discusses the complexities of safeguarding industrial control systems (ICS). Our conversation will explore the importance of cross-departmental collaboration, balancing security with system functionality, and the dynamic nature
React to this headline:
Collaborative strategies are key to enhanced ICS security Read More »
Rising OT/ICS cybersecurity incidents reveal alarming trend 14/09/2023 at 06:01 By Help Net Security 60% of cyberattacks against the industrial sector are led by state-affiliated actors and often unintentionally enabled by internal personnel (about 33% of the time), according to Rockwell Automation. This corroborates other industry research showing OT/ICS (Industrial Control Systems) cybersecurity incidents are
React to this headline:
Rising OT/ICS cybersecurity incidents reveal alarming trend Read More »
Juniper Networks fixes flaws leading to RCE in firewalls and switches 22/08/2023 at 11:46 By Helga Labus Juniper Networks has fixed four vulnerabilities (CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, CVE-2023-36847) in Junos OS that, if chained together, could allow attackers to achieve remote code execution (RCE) on the company’s SRX firewalls and EX switches. The fixed Junos OS
React to this headline:
Juniper Networks fixes flaws leading to RCE in firewalls and switches Read More »
Zyxel Urges Customers to Patch Firewalls Against Exploited Vulnerabilities 05/06/2023 at 16:47 By Ionut Arghire Zyxel urges customers to update ATP, USG Flex, VPN, and ZyWALL/USG firewalls to prevent exploitation of recent vulnerabilities. The post Zyxel Urges Customers to Patch Firewalls Against Exploited Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek
React to this headline:
Zyxel Urges Customers to Patch Firewalls Against Exploited Vulnerabilities Read More »
Zyxel firewalls under attack by Mirai-like botnet 01/06/2023 at 11:52 By Zeljka Zorz CVE-2023-28771, the critical command injection vulnerability affecting many Zyxel firewalls, is being actively exploited by a Mirai-like botnet, and has been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog. About CVE-2023-28771 CVE-2023-28771 is a vulnerability that allows unauthenticated attackers to execute OS
React to this headline:
Zyxel firewalls under attack by Mirai-like botnet Read More »
Vulnerability in Zyxel firewalls may soon be widely exploited (CVE-2023-28771) 22/05/2023 at 14:05 By Zeljka Zorz A recently fixed command injection vulnerability (CVE-2023-28771) affecting a variety Zyxel firewalls may soon be exploited in the wild, Rapid7 researchers have warned, after publishing a technical analysis and a PoC script that triggers the vulnerability and achieves a
React to this headline:
Vulnerability in Zyxel firewalls may soon be widely exploited (CVE-2023-28771) Read More »
Is human threat hunting a fool’s errand? 15/05/2023 at 12:11 By Help Net Security We all have witnessed automated advances creep into our modern threat hunting processes – and with good reason. As the rate of cyberattacks steadily increases, automated threat hunting processes are being integrated to help stem the tide by providing quicker security
React to this headline:
Is human threat hunting a fool’s errand? Read More »
BlackBit Ransomware: A Threat from the Shadows of LokiLocker 07/05/2023 at 18:24 By cybleinc CRIL conducts a deep dive analysis into BlackBit, a ransomware variant based on the notorious LokiLocker ransomware. The post BlackBit Ransomware: A Threat from the Shadows of LokiLocker appeared first on Cyble. This article is an excerpt from Cyble View Original
React to this headline:
BlackBit Ransomware: A Threat from the Shadows of LokiLocker Read More »