A firewall wake up call. [Research Saturday]
CyberWire Daily9 Nov 2024

A firewall wake up call. [Research Saturday]

Enjoy this special encore episode, where we are joined by Jon Williams from Bishop Fox, as he is sharing their research on "It’s 2024 and Over 178,000 SonicWall Firewalls are Publicly Exploitable." SonicWall published advisories for CVE-2022-22274 and CVE-2023-0656 a year apart after finding that NGFW series 6 and 7 devices are affected by two unauthenticated denial-of-service vulnerabilities. The research states "Our research found that the two issues are fundamentally the same but exploitable at different HTTP URI paths due to reuse of a vulnerable code pattern." They also found that when they scanned SonicWall firewalls with management interfaces exposed to the internet, they found that 76% are vulnerable to one or both issues. The research can be found here: It’s 2024 and Over 178,000 SonicWall Firewalls are Publicly Exploitable Learn more about your ad choices. Visit megaphone.fm/adchoices

Denne episoden er hentet fra en åpen RSS-feed og er ikke publisert av Podme. Den kan derfor inneholde annonser.

Episoder(3676)

Uniting Women in Cyber Podcast: Breaking Barriers in Cybersecurity with Cybersecurity Girl. [Special Edition]

Uniting Women in Cyber Podcast: Breaking Barriers in Cybersecurity with Cybersecurity Girl. [Special Edition]

In this Special Edition episode, N2K CyberWire's Dave Bittner sits down with Caitlin Sarian, widely known as Cybersecurity Girl, to explore how storytelling, authenticity, and community are reshaping ...

28 Jun 33min

Space supply chain pressures. [T-Minus: Space-Cyber Briefing]

Space supply chain pressures. [T-Minus: Space-Cyber Briefing]

Despite the space sector seeing greater investment and attention year-over-year, the sector still remains bound by an outdated and ineffective supply chain, especially in the United States. In this w...

28 Jun 27min

More bark than byte. [Research Saturday]

More bark than byte. [Research Saturday]

This week we are joined by Daniel Schwalbe, Chief Information Security Officer & Head of Investigations at DomainTools, discussing their work on "ZionSiphon OT Malware First Attempts? Psyops? Both?" R...

27 Jun 24min

Factory reset required.

Factory reset required.

Tata Electronics and Bajaj Auto continue recovery from cyberattacks. FCC tightens undersea cable rules to bolster national security. CISA warns of actively exploited PTC vulnerability. Gamaredon expan...

26 Jun 25min

Gone with the command.

Gone with the command.

International operation disrupts Amadey and StealC malware infrastructure. Australian spy chief warns nation-state hackers are prepositioning for future sabotage. Stealthy new backdoor may be tied to ...

25 Jun 25min

Klue me in on the breach.

Klue me in on the breach.

LastPass says Klue breach affected customer information, but passwords remain secure. Attackers begin exploiting Cisco Unified CM vulnerability. CISA flags actively exploited Ubiquiti and Lantronix fl...

24 Jun 28min

All eyes on AI.

All eyes on AI.

Five Eyes warns AI could supercharge cyberattacks within months. Tata Electronics confirms breach as stolen data allegedly includes Apple and Tesla documents. Researchers publish new analysis of Forti...

23 Jun 24min

The Klue is in the data trail.

The Klue is in the data trail.

Klue supply-chain attack impacts cybersecurity firms. Brand-new Prinz Eugen ransomware is surprisingly polished. ShinyHunters leak exposes sensitive data of 10,000 Council of Europe employees. Securit...

22 Jun 29min

Populært innen Politikk og nyheter

giver-og-gjengen-vg
aftenpodden
aftenpodden-usa
fotballpodden-2
forklart
stopp-verden
popradet
det-store-bildet
nokon-ma-ga
rss-espen-lee-usensurert
dine-penger-pengeradet
rss-gukild-johaug
lydartikler-fra-aftenposten
hanna-de-heldige
rss-penger-polser-og-politikk
rss-ness
aftenbla-bla
frokostshowet-pa-p5
e24-podden
rss-utenrikskomiteen-med-bogen-og-grasvik