Tenable

OCTOBER 12, 2020

CVE-2020-1631. CVE-2020-2021. CVE-2020-5902. CVE-2020-15505. CVE-2020-1472. This blog post was published on October 12 and reflects VPR at that time. Microsoft is actively tracking threat actor activity using exploits for the CVE-2020-1472 Netlogon EoP vulnerability, dubbed Zerologon. MobileIron.

WAN 114

WAN Authentication Government Network 114

Tenable

APRIL 27, 2020

The attack targets the XG Firewall administration interface, which is accessible via the user portal, over HTTPs, or on the WAN zone. CVE-2020-12271 is a pre-authentication SQL injection vulnerability that exists in the Sophos XG Firewall/Sophos Firewall Operating System (SFOS). Source : "Asnarök" Trojan targets firewalls.

Firewall 101

Firewall WAN Operating System Systems Review 101

Tenable

OCTOBER 7, 2022

On October 6, the Cybersecurity and Infrastructure Security Agency (CISA) along with the National Security Agency (NSA) and Federal Bureau of Investigation (FBI) issued a joint cybersecurity advisory (CSA), identified as AA22-279A, outlining the top 20 CVEs exploited by the People’s Republic of China (PRC) state-sponsored threat actors since 2020.

WAN 52

WAN Software Review Authentication Systems Review 52

Tenable

JULY 22, 2020

On June 19, the Australian Cyber Security Centre (ACSC) published Advisory 2020-008 in response to reports that threat actors were targeting Australian government agencies and companies. Researchers at BishopFox published a blog post in December 2019 on CVE-2019-18935. Background.

WAN 96

WAN Software Review Authentication Government 96

Tenable

SEPTEMBER 17, 2020

CVE-2020-0688. CVE-2020-5902. This blog post was published on September 17 and reflects VPR at that time. The vulnerabilities in these alerts were disclosed between April 2019 and July 2020. Researchers Alyssa Herrera, Justin Wagner and Mimir published a blog post showing how this process works.

Software Review 102

Software Review Authentication Research Government 102

Tenable

FEBRUARY 4, 2021

Look for anomalous requests to: /cgi-bin/management That do not also have a preliminary request to: /__api__/v1/logon (200) /__api__/v1/logon/ /authenticate Indicating auth bypass. Both CVE-2020-5902 and CVE-2019-19781 are two of the Top 5 Vulnerabilities we highlighted in our 2020 Threat Landscape Retrospective report.

Mobile 53

Mobile Authentication Technical Review WAN 53

Tenable

AUGUST 25, 2021

Earlier this year, the Tenable Security Response Team (SRT) published our Threat Landscape Retrospective (TLR) report examining major trends from 2020. Citrix Application Delivery Controller (ADC), Gateway and SD-WAN WANOP. This blog post was published on August 25 and reflects VPR at that time. CVE-2019-11510. CVE-2018-13379.

Organization 99

Organization WAN Authentication Groups 99