FBI alert: APT actors exploit 0-Day FatPipe VPN vulnerabilities

Post published:November 21, 2021
Post category:Network Security Security Updates & Patches Vulnerabilities & Exploits Zero-days

The Federal Bureau of Investigation (FBI) has issued a report of advanced persistent threat (APT) actors exploiting 0-day FatPipe MPVPN networking devices since at least May of 2021.

Iranian state-sponsored APT actors target Microsoft Exchange and Fortinet vulnerabilities

Post published:November 18, 2021
Post category:Cybersecurity Attacks Security Updates & Patches Vulnerabilities & Exploits

Iranian state-sponsored advanced persistent threat (APT) actors have been targeting and exploiting Microsoft Exchange and Fortinet vulnerabilities.

Palo Alto Networks fixes Critical PAN-OS vulnerability (CVE-2021-3064)

Post published:November 13, 2021
Post category:Network Security Security Updates & Patches Vulnerabilities & Exploits

Palo Alto Networks has fixed a Critical PAN-OS vulnerability (CVE-2021-3064) in GlobalProtect Portal and Gateway Interfaces.

Citrix addresses Critical DoS vulnerability in ADC and Citrix Gateway products

Post published:November 11, 2021
Post category:Security Updates & Patches Vulnerabilities & Exploits

Citrix has addressed a Critical unauthenticated denial of service (DoS) vulnerability CVE-2021-22955 in ADC and Citrix Gateway products.

NSA and CISA release guidance on securing remote access VPNs

Post published:September 29, 2021
Post category:Access Control Cybersecurity Articles Identity & Access Management Network Security

The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have released a joint Cybersecurity Information Sheet selecting and securing remote access VPNs.

Threat actors breach South Korean atomic research institute via VPN vulnerability

Post published:June 22, 2021
Post category:Cybersecurity Attacks Data Breach Network Security Vulnerabilities & Exploits

Threat actors from suspected North Korea APT group Kimsuky breached a South Korean atomic research institute via a VPN vulnerability.

SonicWall releases new firmware updates for SMA 100 Series 10.X And 9.X products

Post published:February 24, 2021
Post category:Network Security Security Updates & Patches Vulnerabilities & Exploits

SonicWall has released a new firmware update for SMA 100 Series 10.X And 9.X products. The latest update supersedes previous urgent patches that fixed a zero-day vulnerability CVE-2021-20016 earlier this month.

FBI: Cyber criminals target employee credentials via voice phishing attacks

Post published:January 18, 2021
Post category:Cybercrime Cybersecurity Attacks Phishing

The FBI issued a private industry notification of cyber criminals targeting employee credentials via voice phishing or "vishing" attacks.

High risk vulnerability in Zyxel firewalls and AP controllers exploited in the wild

Post published:January 11, 2021
Post category:Authentication Network Security Vulnerabilities & Exploits

Security experts have warned about a high risk hardcoded credential vulnerability in Zyxel firewalls and AP controllers. Some sources have confirmed that bad actors have already ramped up exploits against the vulnerability.

Hackers target 50K vulnerable Fortinet devices to steal passwords

Post published:November 27, 2020
Post category:Cybersecurity Attacks Network Security Password Management Security Updates & Patches Vulnerabilities & Exploits

Cybersecurity experts are warning hackers are targeting nearly 50,000 vulnerable unpatched Fortinet VPNs to steal passwords.