Tag: VPN

Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Moxa fixes severe authentication flaws

Cybersecurity Threat Advisory: Moxa fixes severe authentication flaws

Moxa has issued a security advisory highlighting critical authorization vulnerabilities in several switch models, tracked as CVE-2024-12297, with a CVSS score of 9.2. Review the details of this Cybersecurity Threat Advisory to understand how to mitigate the impact of authentication...

/ March 13, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Brute force attack targeting edge devices

Cybersecurity Threat Advisory: Brute force attack targeting edge devices

The Shadowserver Foundation uncovered a large brute force attack, with approximately 2.8 million IPs launching attacks on edge devices like firewalls, routers, and VPNs. Continue to read this Cybersecurity Threat Advisory to learn how you can mitigate the risks of...

/ February 18, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical vulnerabilities in VPNs and routers

Cybersecurity Threat Advisory: Critical vulnerabilities in VPNs and routers

Critical vulnerabilities have been discovered in multiple tunneling protocols, potentially exposing approximately 4.2 million hosts. These include a wide range of devices such as Virtual Private Networks (VPNs), Internet Service Provider (ISP) home routers, core internet routers, mobile network gateways,...

/ January 27, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: SonicWall SMA1000 vulnerability

Cybersecurity Threat Advisory: SonicWall SMA1000 vulnerability

A pre-authentication deserialization vulnerability has been discovered in SonicWall SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC) and is already being used in zero-day attacks. Review the details within this Cybersecurity Threat Advisory to protect your organization. What...

/ January 24, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Fortinet zero-day vulnerability

Cybersecurity Threat Advisory: Fortinet zero-day vulnerability

A critical zero-day vulnerability has been found affecting Fortinet FortiOS and FortiProxy devices. This vulnerability enables attackers to bypass authentication and gain privileges. Keep reading this Cybersecurity Threat Advisory for information to keep your environment safe. What is the threat?...

/ January 15, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Active exploitation of Ivanti’s Connect Secure VPN

Cybersecurity Threat Advisory: Active exploitation of Ivanti’s Connect Secure VPN

A critical Ivanti Connect Secure VPN vulnerability, identified as CVE-2025-0282, was disclosed. Threat actors are actively exploiting it in the wild, primarily targeting organizations relying on Ivanti’s Zero Trust Access (ZTA) solutions. Review this Cybersecurity Threat Advisory to see how...

/ January 13, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: New VPN client vulnerabilities to watch out for

Cybersecurity Threat Advisory: New VPN client vulnerabilities to watch out for

Vulnerabilities were discovered in SonicWall NetExtender, CVE-2024-29014, and Palo Alto GlobalConnect, CVE-2024-5921, which can lead to remote code execution (RCE). Continue reading this Cybersecurity Threat Advisory to limit your exposure to these vulnerabilities. What is the threat? The vulnerabilities exhibit...

/ December 5, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: SonicWall VPN vulnerability

Cybersecurity Threat Advisory: SonicWall VPN vulnerability

Fog and Akira ransomware operators are exploiting a critical SonicWall SSL VPN vulnerability, CVE-2024-40766, to breach corporate networks. Continue reading this Cybersecurity Threat Advisory to learn the tactics these groups are using and how you can reduce the risk of...

/ October 29, 2024
CISA
Staying cyber safe with CISA this summer

Staying cyber safe with CISA this summer

As sure as fireflies and fireworks mean summer, so do Cybersecurity and Infrastructure Security Agency (CISA) warnings and alerts. With parents shuttling kids to day camps, pool parties, and Disney World, summer is a prime time for cybercriminals to make...

/ June 10, 2024 / 7 Comments
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Cisco patches high-severity bug

Cybersecurity Threat Advisory: Cisco patches high-severity bug

Cisco has released security updates for a vulnerability affecting its Secure Client software. Successful exploitation could allow threat actors to steal a targeted user’s token and establish a virtual private network (VPN) session. The vulnerability tracked as CVE-2024-20337 has a...

/ March 9, 2024