When the news broke that a Chinese hacking group known as Salt Typhoon had penetrated multiple U.S. telecommunications networks, gained access to the phones of a presidential campaign, and collected geolocation data on high-value targets around Washington D.C., one of the first questions on the minds of executives and U.S. officials was how long it…
Category: virtual private network (VPN)
Check Point, CISA, cisco, CVE, Cybercrime, Cybersecurity, Cybersecurity and Infrastructure Security Agency (CISA), exploit, Exploits, firewall, Fortinet, Global Security News, Mandiant, Palo Alto Networks, Rapid7, Research, sonicwall, Technology, Threats, virtual private network (VPN), vulnerabilities
SonicWall customers confront resurgence of actively exploited vulnerabilities
Vulnerabilities are proliferating in SonicWall devices and software this year, putting the vendor’s customers at risk of intrusion via secure access gateways and firewalls. The year started off on a sour note for the California-based company when it released security advisories for nine vulnerabilities on Jan. 7. The total number of vulnerabilities publicly disclosed by…
Cybercrime, Cybersecurity, exploit, Exploits, firewall, Fortinet, Global Security News, Google Threat Intelligence Group, ivanti, Mandiant, Palo Alto Networks, Ransomware, Research, routers, Threats, virtual private network (VPN), vulnerabilities
Attackers hit security device defects hard in 2024
Attackers are having a field day with software defects in security devices, according to a new report released Wednesday by Mandiant Exploits were the most common initial infection vector, representing 1 of every 3 attacks in 2024, and the four most frequently exploited vulnerabilities were all contained in edge devices, such as VPNs, firewalls and…
china, CISA, cisco, citrix, CVE, Cybercrime, Cybersecurity, Cybersecurity and Infrastructure Security Agency (CISA), espionage, exploit, Exploits, firewall, firewalls, Fortinet, Gartner, Global Security News, Google Threat Intelligence Group, ivanti, known exploited vulnerabilities (KEV), Mandiant, National Vulnerability Database, NIST, Palo Alto Networks, Rapid7, Research, routers, Technology, Threats, virtual private network (VPN), VulnCheck, vulnerabilities, vulnerability disclosure, zero days
Is Ivanti the problem or a symptom of a systemic issue with network devices?
Network edge devices — hardware that powers firewalls, VPNs and network routers — have quickly moved up the list of attackers’ preferred intrusion points into enterprise networks. While dozens of companies make and sell these devices, customers of one company in particular — Ivanti — have confronted exploited vulnerabilities in their products more than any…
backdoor, Cybersecurity, espionage, Europe, FreeBSD, Global Security News, Juniper Networks, Lumen Technologies, routers, Threats, virtual private network (VPN)
New backdoor discovered that specifically targets Juniper routers
Researchers at Black Lotus Labs have uncovered an operation where a back door is dropped onto enterprise-grade Juniper Networks routers and listens for specific network signals, known as “magic packets,” to execute malicious commands. The campaign, which researchers at the cybersecurity wing of Lumen Technologies refer to as “J-Magic,” was active between mid-2023 and mid-2024.…