Tag: VPN
Cybersecurity Threat Advisory: Fortinet zero-day vulnerability
A critical zero-day vulnerability has been found affecting Fortinet FortiOS and FortiProxy devices. This vulnerability enables attackers to bypass authentication and gain privileges. Keep reading this Cybersecurity Threat Advisory for information to keep your environment safe. What is the threat?...
Cybersecurity Threat Advisory: Active exploitation of Ivanti’s Connect Secure VPN
A critical Ivanti Connect Secure VPN vulnerability, identified as CVE-2025-0282, was disclosed. Threat actors are actively exploiting it in the wild, primarily targeting organizations relying on Ivanti’s Zero Trust Access (ZTA) solutions. Review this Cybersecurity Threat Advisory to see how...
Cybersecurity Threat Advisory: New VPN client vulnerabilities to watch out for
Vulnerabilities were discovered in SonicWall NetExtender, CVE-2024-29014, and Palo Alto GlobalConnect, CVE-2024-5921, which can lead to remote code execution (RCE). Continue reading this Cybersecurity Threat Advisory to limit your exposure to these vulnerabilities. What is the threat? The vulnerabilities exhibit...
Cybersecurity Threat Advisory: SonicWall VPN vulnerability
Fog and Akira ransomware operators are exploiting a critical SonicWall SSL VPN vulnerability, CVE-2024-40766, to breach corporate networks. Continue reading this Cybersecurity Threat Advisory to learn the tactics these groups are using and how you can reduce the risk of...
Staying cyber safe with CISA this summer
As sure as fireflies and fireworks mean summer, so do Cybersecurity and Infrastructure Security Agency (CISA) warnings and alerts. With parents shuttling kids to day camps, pool parties, and Disney World, summer is a prime time for cybercriminals to make...
Cybersecurity Threat Advisory: Cisco patches high-severity bug
Cisco has released security updates for a vulnerability affecting its Secure Client software. Successful exploitation could allow threat actors to steal a targeted user’s token and establish a virtual private network (VPN) session. The vulnerability tracked as CVE-2024-20337 has a...
Cybersecurity Threat Advisory: SonicWall vulnerable to DoS attacks
SonicWall firewalls are found to be vulnerable to two Denial of Service (DoS) attacks which can be caused by using the same vulnerable code pattern. Various research indicates SonicWall firewalls with management interfaces exposed online are vulnerable to one or...
Modern enterprises cannot rely on VPNs anymore
Is your company depending on VPNs to access documents, files, and applications remotely? Unfortunately, legacy VPN products no longer meet the security requirements of today’s global enterprise. Many employees often proactively install commercial VPNs that are not provided or sanctioned by...
Cybersecurity Threat Advisory: Command injection flaw in Zyxel NAS devices
Zyxel, a networking equipment manufacturer, has released urgent security updates to address critical vulnerabilities in their network-attached storage devices. CVE-2023-27992 (CVSS score: 9.8) has been declared as a pre-authentication command injection vulnerability. What is the threat? The threat involves multiple vulnerabilities...
Cybersecurity Threat Advisory: New remote control escalation vulnerability – updated
Fortinet recently released updates for several products utilizing SSL-VPN functionalities after discovering a critical vulnerability. The major flaw discovered gives the ability to an attacker to perform an unauthenticated remote code execution on devices. Barracuda SOC recommends updating Fortinet products...
