Certified Information Governance Officers Association’s Post

Users must install the fixes as soon as possible since SonicWall has disclosed that a significant security hole affecting SonicOS that was just patched may be actively exploited. With a maximum score of 10, the vulnerability, identified as CVE-2024-40766, has a CVSS score of 9.3. “An improper access control vulnerability has been identified in the SonicWall SonicOS management access and SSLVPN, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash,” SonicWall said in an updated advisory. #cybersecurity #sonicwall #firewall #vulnerability #sslvpn

The past twelve months have witnessed an unsettling surge in vulnerabilities impacting key firewall and VPN providers, casting a dark shadow over the reliability of conventional remote access solutions. Now is the time for businesses to take action and consider the switch to ZTNA, to better protect their networks from the growing threat of cyber attacks. In VMblog, Jaye Tillson shares why ZTNA is a more secure alternative to legacy VPN solutions: https://lnkd.in/gwhf3bbh #Cybersecurity #ZTNA #VPN #Firewall #CVE

Over the weekend, our #cybersecurity team published a defense digest regarding a recent SonicWall vulnerability. Read the latest in our notice -> https://bit.ly/47lPSJh #businessresilience #firewalls #ITvulnerabilities

SonicWall has revealed that a recently patched critical security flaw impacting SonicOS may have come under active exploitation, making it essential that users apply the patches as soon as possible. The vulnerability, tracked as CVE-2024-40766, carries a CVSS score of 9.3 out of a maximum of 10. "An improper access control vulnerability has been identified in the SonicWall SonicOS management access and SSLVPN, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash," SonicWall said in an updated advisory. Stay connected to Aashay Gupta, CISM, GCP for content related to Cybersecurity. #LinkedIn #Cybersecurity #Cloudsecurity #AWS #GoogleCloud #Trends #informationprotection #Cyberthreats #CEH #ethicalhacker #hacking #cloudsecurity #productmanagement #cybersecurity #appsec #devsecops

For all my friends leveraging PA Firewalls, even though there isn’t an official ‘patch’, you can essentially block this attack by disabling device telemetry until a patch is out. Which sounds like it’ll be next week. Details on the workaround in this article. And hey, at least it’s not 4pm on Friday yet. Well, in the US anyway. Stay safe out there. #cybersecurity #paloalto #firewall #criticalvulnerability #networksecurity

Are you ready to upgrade your security? Say goodbye to the VPN and discover the future! 🔒 Dig into the benefits of Zero Trust Network Access (ZTNA) with Karen D. Schwartz here: https://ift.tt/vsnAQUc #cybersecurity #ZTNA

#PaloAlto users, be on the lookout! Researchers have discovered a critical zero-day vulnerability (CVE-2021-3064) in Palo Alto Networks’ GlobalProtect firewall. This vulnerability allows unauthenticated remote code execution (RCE) on multiple versions of PAN-OS 8.1 prior to 8.1.17, affecting an estimated 10,000 vulnerable firewalls. If successfully exploited, an attacker gains control over the firewall, accessing sensitive configuration data and credentials. Palo Alto has issued patches to address this security flaw. https://lnkd.in/guAqmSPE #RCE #Firewall #Vulnerability #YourPartnerInSuccess

Check Point Warns of Zero-Day Attacks on its VPN Gateway Products - The Hacker News: Check Point Warns of Zero-Day Attacks on its VPN Gateway Products  The Hacker News #CyberSecurity #InfoSec #SecurityInsights

Latest wave of attacks on firewall and VPNs focused on “brute-force" password guessing tactics. According to researchers, it may lead to unauthorized network access, account lockouts, or denial-of-service conditions. VPN gateways serve as critical entry points into corporate networks, making it prime targets for attackers. Securing these gateways with robust authentication measures and regular updates is crucial. See full article: https://hubs.li/Q02tt6XD0 #CyberSecurity #ITmanagement #TechTalk #ITSecurity #Firewall #VPN #MDR #DataProtection

SonicWall Urges Users to Patch Critical Firewall Flaw Amid Possible Exploitation SonicWall has revealed that a recently patched critical security flaw impacting SonicOS may have come under active exploitation, making it essential that users apply the patches as soon as possible. The vulnerability, tracked as CVE-2024-40766, carries a CVSS score of 9.3 out of a maximum of 10. "An improper access control vulnerability has been identified in the SonicWall SonicOS management access and SSLVPN, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash," SonicWall said in an updated advisory. Stay Connected to Sidharth Sharma, CPA, CISA, CISM, CFE, CDPSE for content related to Cyber Security. #CyberSecurity #JPMC #Technology #InfoSec #DataProtection #DataPrivacy #ThreatIntelligence #CyberThreats #NetworkSecurity #CyberDefense #SecurityAwareness #ITSecurity #SecuritySolutions #CyberResilience #DigitalSecurity #SecurityBestPractices #CyberRisk #SecurityOperations