Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.

firewall

cloud
Bridging the gap between cloud vs on-premise security

With the proliferation of SaaS applications, remote work and shadow IT, organizations feel obliged to embrace cloud-based cybersecurity. And rightly so, because the corporate …

Juniper Networks
Juniper networking devices under attack

CISA has ordered US federal agencies to patch five vulnerabilities used by attackers to compromise Juniper networking devices, and to do so by Friday. Most of these bugs are …

Collaborative strategies are key to enhanced ICS security

In this Help Net Security interview, Marko Gulan, Cyber Security Consultant at Schneider Electric, discusses the complexities of safeguarding industrial control systems (ICS). …

critical infrastructure
Rising OT/ICS cybersecurity incidents reveal alarming trend

60% of cyberattacks against the industrial sector are led by state-affiliated actors and often unintentionally enabled by internal personnel (about 33% of the time), according …

Juniper Networks SRX Firewalls
Juniper Networks fixes flaws leading to RCE in firewalls and switches

Juniper Networks has fixed four vulnerabilities (CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, CVE-2023-36847) in Junos OS that, if chained together, could allow attackers …

Zyxel
Zyxel firewalls under attack by Mirai-like botnet

CVE-2023-28771, the critical command injection vulnerability affecting many Zyxel firewalls, is being actively exploited by a Mirai-like botnet, and has been added to …

Zyxel
Vulnerability in Zyxel firewalls may soon be widely exploited (CVE-2023-28771)

A recently fixed command injection vulnerability (CVE-2023-28771) affecting a variety Zyxel firewalls may soon be exploited in the wild, Rapid7 researchers have warned, after …

person
Is human threat hunting a fool’s errand?

We all have witnessed automated advances creep into our modern threat hunting processes – and with good reason. As the rate of cyberattacks steadily increases, automated …

Fortinet
Auth bypass bug in FortiOS, FortiProxy is exploited in the wild (CVE-2022-40684)

After privately warning customers last week that they need to patch or mitigate CVE-2022-40684, a critical vulnerability affecting FortiOS, FortiProxy, and FortiSwitchManager, …

Sophos
RCE in Sophos Firewall is being exploited in the wild (CVE-2022-3236)

Sophos has patched an actively exploited remote code execution vulnerability (CVE-2022-3236) in its Firewall solutions, and has pushed the fix to customers who have automatic …

Zyxel
Critical flaw in Zyxel firewalls grants access to corporate networks (CVE-2022-30525)

A critical vulnerability (CVE-2022-30525) affecting several models of Zyxel firewalls has been publicly revealed, along with a Metasploit module that exploits it. Discovered …

wolf
HEAT attacks: A new class of cyber threats organizations are not prepared for

Web malware (47%) and ransomware (42%) now top the list of security threats that organizations are most concerned about. Yet despite the growing risks, just 27% have advanced …

Featured news

Resources

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools