Zyxel users still getting hacked by DDoS botnet emerge as public nuisance No. 1 - Enlarge (credit: Aurich Lawson / Ars Technica)

Organizations t... - https://arstechnica.com/?p=1955893 #vulnerability #security #exploit #biz⁢ #botnet #zyxel

Zyxel rilascia una patch per una bug con severity 9.8. Togliete i dispositivi da internet!

Gli sviluppatori di #Zyxel hanno rilasciato un #aggiornamento non programmato che corregge una #vulnerabilità critica nei #dispositivi #NAS. Il problema può portare all’esecuzione di comandi arbitrari sui #sistemi interessati.

Il #bug è stato identificato come CVE-2023-27992 (punteggio CVSS di 9,8) ed è descritto come una #vulnerabilità di #iniezione di comandi di pre-autenticazione.

#redhotcyber #informationsecurity #ethicalhacking #dataprotection #hacking #cybersecurity #cybercrime #cybersecurityawareness #cybersecuritytraining #cybersecuritynews #privacy #infosecurity

https://www.redhotcyber.com/post/zyxel-rilascia-una-patch-per-una-bug-con-severity-9-8-togliete-i-dispositivi-da-internet/

Top NAS devices are being targeted by this dangerous #malware #Zyxel #Linux #cybersecurity #infosec https://www.techradar.com/news/top-nas-devices-are-being-targeted-by-this-dangerous-malware @techradar

Il bug RCE sui firewall Zyxel è ora sfruttato attivamente. Anche la CISA Avverte di patchare

Gli #esperti hanno avvertito che la #vulnerabilità critica monitorata dal CVE-2023-28771nei #firewall #Zyxel, della quale avevamo riportato in precedenza.Tale falla di sicurezza è già stata sfruttata dagli hacker. In particolare, la #botnet #Mirai utilizza attivamente il nuovo #bug.

#redhotcyber #informationsecurity #ethicalhacking #dataprotection #hacking #cybersecurity #cybercrime #cybersecurityawareness #cybersecuritytraining #cybersecuritynews #privacy #infosecurity

https://www.redhotcyber.com/post/il-bug-rce-sui-firewall-zyxel-e-ora-sfruttato-attivamente-anche-la-cisa-avverte-di-patchare/

If you missed this:

Researchers tell owners to “assume compromise” of unpatched #Zyxel firewalls #cybersecurity https://arstechnica.com/information-technology/2023/05/researchers-tell-owners-to-assume-compromise-of-unpatched-zyxel-firewalls/ @arstechnica @dangoodin

Researchers tell owners to “assume compromise” of unpatched Zyxel firewalls - Enlarge (credit: Getty Images)

Firewalls made by Zyxel are bei... - https://arstechnica.com/?p=1943400 #vulnerabilities #firewalls #security #exploits #biz⁢ #zyxel

Zyxel e Compass: scoprire i fondamenti del networking, un nuovo webinar
Dopo il riscontro davvero positivo del primo webinar, lo scorso 17 maggio, torna con una nuova data, quella del prossimo 21 giugno, "Fondamenti del...
https://zpr.io/n4gSd2Cv6gFm
#Zyxel #Compass #retewireless

#Zyxel fixes critical flaws affecting firewall and VPN devices #cybersecurity https://securityaffairs.com/146660/security/zyxel-firewall-vpn-critical-flaw.html @securityaffairs

Zyxel risolve diverse vulnerabilità sui suoi firewall e una RCE da 9.8

Il produttore di apparecchiature di #rete #Zyxel ha rilasciato correzioni per una #vulnerabilità critica nei suoi #firewall. Il #bug permette di eseguire da remoto codice arbitrario sui #sistemi vulnerabili.

È stato riferito che la #vulnerabilità è stata scoperta dagli specialisti di TRAPA Security e ha ricevuto l’identificatore CVE-2023-28771 e una valutazione di 9,8 punti su 10 sulla scala di valutazione della #vulnerabilità #CVSS.

#redhotcyber #informationsecurity #ethicalhacking #dataprotection #hacking #cybersecurity #cybercrime #cybersecurityawareness #cybersecuritytraining #cybersecuritynews #privacy #infosecurity

https://www.redhotcyber.com/post/zyxel-risolve-diverse-vulnerabilita-sui-suoi-firewall-e-una-rce-da-9-8/

Referenced link: https://security.humanativaspa.it/multiple-vulnerabilities-in-zyxel-zysh/
Originally posted by thaddeus e. grugq thegrugq@infosec.exchange / @thegrugq@twitter.com: https://twitter.com/0xdea/status/1643913382045597696#m

RT by @thegrugq: Since @SonarSource and others are talking about argument #injection here's a weird example of this #vulnerability class that I recently discovered and exploited on #Zyxel security appliances

https://security.humanativaspa.it/multiple-vulnerabilities-in-zyxel-zysh/

Zyxel: a ICA 22 vince il premio come Miglior Programma di Canale
Zyxel ha ottenuto la terza vittoria consecutiva, aggiudicandosi il premio come "Migliore Programma di Canale", agli Italian Channel Awards,...
https://zpr.io/KLEKKHybBf77
#Zyxel #ItalianChannelAwards #sicurezza

Referenced link: https://0day.today/exploit/description/38283
Originally posted by 0day Exploit Database 🌴 / @inj3ct0r@twitter.com: https://twitter.com/inj3ct0r/status/1638617891242123267#m

#0day #Zyxel Unauthenticated #LAN Remote Code Execution #Exploit #RCE https://0day.today/exploit/description/38283

after a bunch of theories about shorting pins and adding resistors, turns out they just had the baudrate at 9600. strange it didn't work before, cause i already tried that. silly zyxel.

Anyway, we have debug mode, nice! very easy device so far.
only problem is, i can't find the datasheet for the infineon psb7200zdw cpu. #hacking #zyxel

Today my ZyXEL U-1496Eplus LCD get a new Firmware, it‘s the first time after nearly 30years to burn new Eproms for my BBS Modem. #ZyXEL #eprom #firmware #retro #modem #bbs

Referenced link: https://thehackernews.com/2022/09/critical-rce-vulnerability-affects.html
Discuss on https://discu.eu/q/https://thehackernews.com/2022/09/critical-rce-vulnerability-affects.html

Originally posted by The Hacker News / @TheHackersNews@twitter.com: https://twitter.com/TheHackersNews/status/1567384408445026309#m

A new critical remote code execution #vulnerability (CVE-2022-34747) has been found in #Zyxel network-attached storage (NAS) devices — Firmware patch update released.

Read: https://thehackernews.com/2022/09/critical-rce-vulnerability-affects.html

#infosec #cybersecurity #hacking #technews

Referenced link: https://thehackernews.com/2022/05/zyxel-issues-patches-for-4-new-flaws.html
Discuss on https://discu.eu/q/https://thehackernews.com/2022/05/zyxel-issues-patches-for-4-new-flaws.html

Originally posted by The Hacker News / @TheHackersNews@twitter.com: https://twitter.com/TheHackersNews/status/1530088580021833730#m

RT by @TheHackersNews: #Zyxel has released patches to address four vulnerabilities affecting its #firewall, AP controller, and AP products that allow execution of arbitrary operating system commands and theft of selected information.

Read: https://thehackernews.com/2022/05/zyxel-issues-patches-for-4-new-flaws.html

#infosec #cybersecurity #hacking

Referenced link: https://thehackernews.com/2022/05/zyxel-issues-patches-for-4-new-flaws.html
Discuss on https://discu.eu/q/https://thehackernews.com/2022/05/zyxel-issues-patches-for-4-new-flaws.html

Originally posted by The Hacker News / @TheHackersNews@twitter.com: https://twitter.com/TheHackersNews/status/1530088580021833730#m

#Zyxel has released patches to address four vulnerabilities affecting its #firewall, AP controller, and AP products that allow execution of arbitrary operating system commands and theft of selected information.

Read: https://thehackernews.com/2022/05/zyxel-issues-patches-for-4-new-flaws.html

#infosec #cybersecurity #hacking

Referenced link: https://thehackernews.com/2022/05/zyxel-releases-patch-for-critical.html
Originally posted by The Hacker News / @TheHackersNews@twitter.com: https://twitter.com/TheHackersNews/status/1525000190200975360#m

#Zyxel has released a patch to address a critical security #vulnerability affecting #firewall devices that can allow unauthenticated and remote attackers to gain arbitrary code execution.

Read: https://thehackernews.com/2022/05/zyxel-releases-patch-for-critical.html

#infosec #cybersecurity #hacking

#Zyxel backdoor

https://thehackernews.com/2021/01/secret-backdoor-account-found-in.html

Misused for third party attacks
https://thehackernews.com/2021/06/watch-out-zyxel-firewalls-and-vpns.html

Zyxel hardcoded admin password found – patch now! - Hardcoded passwords are always wrong - they are equivalent to implanting a global backdoor and hop... https://nakedsecurity.sophos.com/2021/01/06/zyxel-hardcoded-admin-password-found-patch-now/ #hardcodedpassword #vulnerability #firewall #router #zyxel