Sophos Firewall RCE vulnerability (CVE-2022-3236) exploited the wild
Sophos has fixed a Sophos Firewall remote code execution (RCE) vulnerability (CVE-2022-3236) exploited in the wild.
Firewall
Juniper patches multiple vulnerabilities in Junos OS and other products (July 2021)
Juniper Networks has released security advisories to fix many vulnerabilities on Junos OS, EX4300, PTX Series, QFX Series, SRX Series network devices and multiple other products.
3 good examples of how to apply the Zero Trust Security Model
The National Security Agency (NSA) has released new guidelines on the Zero Trust Security Model, a coordinated system management strategy that removes implicit trust in any one system or service and assumes breaches will or have already occurred.
High risk vulnerability in Zyxel firewalls and AP controllers exploited in the wild
Security experts have warned about a high risk hardcoded credential vulnerability in Zyxel firewalls and AP controllers. Some sources have confirmed that bad actors have already ramped up exploits against the vulnerability.
Palo Alto Networks patches Critical PAN-OS authentication bypass vulnerability (CVE-2020-2021)
Palo Alto Networks has issued a Critical security advisory for PAN-OS authentication bypass in SAML authentication vulnerability CVE-2020-2021.
Palo Alto Networks patches critical GlobalProtect RCE vulnerability (CVE-2019-1579)
Palo Alto Networks has patched a remote code execution (RCE) vulnerability in its GlobalProtect portal and GlobalProtect Gateway interface products. These same products run on the Palo Alto Networks’ firewalls.