A firewall wake up call. [Research Saturday]
CyberWire Daily20 Jan 2024

A firewall wake up call. [Research Saturday]

Jon Williams from Bishop Fox is sharing their research on "It’s 2024 and Over 178,000 SonicWall Firewalls are Publicly Exploitable." SonicWall published advisories for CVE-2022-22274 and CVE-2023-0656 a year apart after finding that NGFW series 6 and 7 devices are affected by two unauthenticated denial-of-service vulnerabilities. The research states "Our research found that the two issues are fundamentally the same but exploitable at different HTTP URI paths due to reuse of a vulnerable code pattern." They also found that when they scanned SonicWall firewalls with management interfaces exposed to the internet, they found that 76% are vulnerable to one or both issues. The research can be found here: It’s 2024 and Over 178,000 SonicWall Firewalls are Publicly Exploitable Learn more about your ad choices. Visit megaphone.fm/adchoices

Denne episoden er hentet fra en åpen RSS-feed og er ikke publisert av Podme. Den kan derfor inneholde annonser.

Episoder(3690)

Preparing space for Q-day. [T-Minus: Space-Cyber Briefing]

Preparing space for Q-day. [T-Minus: Space-Cyber Briefing]

As the world prepares itself for quantum computing, governments and private space enterprises alike are looking to get ahead of the technology and manage the rapidly-accelerating risks. In this week’...

12 Jul 21min

Conti-versal opinions. [Research Saturday]

Conti-versal opinions. [Research Saturday]

Today we are joined by Geoff White, host of Cyber Hack and BBC journalist, taking a deep dive into the Conti ransomware gang. Geoff explores an in-depth investigation into the notorious Conti ransomwa...

11 Jul 29min

GoshDarn it, that’s advanced.

GoshDarn it, that’s advanced.

Researchers track ransomware they say is getting GoshDarn sophisticated. Zimbra patches a critical vulnerability affecting its Classic Web Client. A sophisticated vishing campaign targeting Microsoft ...

10 Jul 25min

Who you gonna call?

Who you gonna call?

GhostApproval puts AI coding assistants under the microscope. Microsoft fixes the RoguePlanet zero-day. More than 70 cybersecurity firms back a new AI Charter. An Ohio county may have paid a $1 millio...

9 Jul 24min

Azure you concerned?

Azure you concerned?

Accenture confirms a data breach. An Australian telecom investigates a nationwide outage. It’s shields up for the UK. CISA eyes September for its critical infrastructure reporting rule. NewsJunkie fak...

8 Jul 26min

Welcome home, hacker.

Welcome home, hacker.

CERT/CC warns of an unpatched Tenda router backdoor. Adobe races to patch an actively exploited ColdFusion flaw. Canada pulls back the curtain on offensive cyber operations. Anthropic quietly removes ...

7 Jul 27min

NetNut gets cracked.

NetNut gets cracked.

The FBI disrupts a major residential proxy service. Attackers exploit Fortinet firewalls to target UK officials. European lawmakers call for a spyware investigation. A new macOS infostealer masquerade...

6 Jul 28min

Commercializing space. [T-Minus: Space-Cyber Briefing]

Commercializing space. [T-Minus: Space-Cyber Briefing]

Over the past two decades, the space industry has changed dramatically, evolving from a largely government led effort to one that is now rooted in private enterprises driving growth and innovation. I...

5 Jul 24min

Populært innen Politikk og nyheter

giver-og-gjengen-vg
aftenpodden-usa
aftenpodden
fotballpodden-2
forklart
popradet
stopp-verden
det-store-bildet
rss-gukild-johaug
hanna-de-heldige
rss-ness
nokon-ma-ga
dine-penger-pengeradet
aftenbla-bla
lydartikler-fra-aftenposten
rss-penger-polser-og-politikk
rss-utenrikskomiteen-med-bogen-og-grasvik
ta-dokumentar
e24-podden
rss-espen-lee-usensurert