Cisco warns of denial of service flaw with PoC exploit code
Summary: Cisco has issued security updates to address a denial-of-service (DoS) vulnerability in ClamAV, tracked as CVE-2025-20128, which could allow remote attackers to crash the antivirus scanning process. Although proof-of-concept exploit code is available, there is currently no evidence of active exploitation in the wild. The vulnerability affects the Secure Endpoint Connector software across various platforms, but overall system stability remains intact even if the vulnerability is exploited.…

In recent months, Indonesia has emerged as a significant hotspot in the global cybersecurity landscape, as cybercriminals exploit vulnerabilities in Internet of Things (IoT) devices to launch large-scale distributed denial-of-service (DDoS) attacks. A new variant of the infamous Mirai botnet, dubbed Murdoc Botnet, has been actively targeting IoT devices, including AVTECH IP cameras and Huawei HG532 routers, with Indonesia being one of the most affected countries.…

Mirai Botnet Spinoffs Unleash Global Wave of DDoS Attacks
Summary: Recent spinoffs of the Mirai botnet are causing a surge in distributed denial-of-service (DDoS) attacks worldwide, particularly targeting IoT devices. The Murdoc botnet, which exploits vulnerabilities in specific devices, and another botnet combining Mirai and Bashlite malware, are both contributing to this ongoing threat. Researchers emphasize the importance of robust defenses against these evolving cyberattacks.…
ChatGPT crawler flaw opens door to DDoS, prompt injection • The Register
Summary: A security researcher has identified a vulnerability in OpenAI’s ChatGPT API that could allow attackers to initiate distributed denial of service (DDoS) attacks on targeted websites. By exploiting the API’s lack of URL deduplication and request limits, attackers can amplify a single request into thousands of requests directed at a victim’s site.…

A series of critical vulnerabilities has been reported across various platforms, including Aviatrix Controller and Microsoft 365 applications, leading to significant security risks such as unauthorized access and data breaches. Additionally, a new phishing tactic targeting Apple iMessage users and a malicious PyPI package aimed at Discord developers have emerged, highlighting the evolving threat landscape.…
IoT Botnet Linked to Large-scale DDoS Attacks Since the End of 2024
This article discusses the ongoing large-scale DDoS attacks orchestrated by an IoT botnet that exploits vulnerable devices, primarily targeting companies in Japan and other countries. The botnet utilizes malware derived from Mirai and Bashlite, affecting various sectors and employing multiple DDoS attack methods. Affected: Japan, North America, Europe

Key points:

Large-scale DDoS attacks monitored since the end of 2024.…
Mercedes-Benz Head Unit security research report
This report details the vulnerabilities discovered in the Mercedes-Benz User Experience (MBUX) infotainment system, particularly focusing on the first generation of MBUX subsystems. The research highlights the importance of diagnostic software, the architecture of MBUX, and the various attack vectors identified during testing. Affected: Mercedes-Benz MBUX

Key points:

Research focused on the first generation of MBUX infotainment system.…
Python-Based Bots Exploiting PHP Servers Fuel Gambling Platform Proliferation
Summary: Cybersecurity researchers have uncovered a campaign targeting PHP-based web servers to promote gambling sites in Indonesia, utilizing Python-based bots for exploitation. The attacks leverage GSocket to establish communication channels and redirect users searching for gambling services to malicious domains. This coordinated effort has been linked to a broader malware campaign affecting thousands of sites globally.…
How to Bring Zero Trust to Wi-Fi Security with a Cloud-based Captive Portal?
Summary: Recent data breaches have underscored the urgent need for enhanced security in guest Wi-Fi infrastructures across organizations. As businesses strive to balance network protection with convenient access for guests and employees, implementing secure guest Wi-Fi solutions has become essential. The integration of zero-trust architecture with cloud-based captive portals offers a robust framework for safeguarding sensitive data while ensuring compliance and operational continuity.…
CISA warns of exploited Fortinet bugs as Microsoft issues its biggest Patch Tuesday in years
Summary: A zero-day vulnerability in FortiGate firewalls is actively being exploited by hackers, prompting urgent action from the federal government and cybersecurity firms. The Cybersecurity and Infrastructure Security Agency (CISA) has mandated that federal agencies patch this vulnerability by January 21, highlighting its critical nature. Additionally, concerns have been raised about an older vulnerability that has recently led to the leak of configurations for thousands of FortiGate devices.…
W3 Total Cache plugin flaw exposes 1 million WordPress sites to attacks
Summary: A critical vulnerability in the W3 Total Cache plugin, used by over a million WordPress sites, could allow attackers to access sensitive information and perform unauthorized actions. Despite a patch being released, many sites remain unprotected, leaving them open to exploitation. The flaw, tracked as CVE-2024-12365, poses significant risks including Server-Side Request Forgery (SSRF) and information disclosure.…
Fortinet Fixes FortiOS Zero-Day Exploited by Attackers for Months
Summary: Fortinet has addressed a critical authentication bypass vulnerability (CVE-2024-55591) in its FortiOS firewalls and FortiProxy web gateways, which has been actively exploited by attackers as a zero-day. The vulnerability allows remote attackers to gain super-admin privileges, enabling them to execute unauthorized commands. Organizations are urged to upgrade to patched versions and monitor for indicators of compromise due to the ongoing threat from state-sponsored hackers.…
15K Fortigate Firewall Configs Leaked By Belsen Group: Dumped Using Zero-Day in 2022
A recent leak of over 15,000 FortiGate firewall configurations has raised concerns about the security of devices vulnerable to CVE-2024-55591 and CVE-2022-40684. The threat actor known as “Belsen_Group” is believed to have exploited these vulnerabilities and subsequently leaked the configurations in January 2025. Organizations are urged to check their exposure and take necessary mitigation steps.…