Zyxel firewalls under attack by Mirai-like botnet | allinfosecnews.com

June 1, 2023, 8:41 a.m. | Zeljka Zorz

Help Net Security www.helpnetsecurity.com

CVE-2023-28771, the critical command injection vulnerability affecting many Zyxel firewalls, is being actively exploited by a Mirai-like botnet, and has been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog. About CVE-2023-28771 CVE-2023-28771 is a vulnerability that allows unauthenticated attackers to execute OS commands remotely by sending crafted IKE (Internet Key Exchange) packets to an affected device. Fixed by Zyxel in April 2023, it was expected to be quickly exploited by attackers once technical write-ups and … More →

The post …

actively exploited attack attackers botnet catalog censys cisa command command injection critical cve cve-2023-28771 don't miss europe exchange exploit exploited firewall firewalls hot stuff ike injection internet kev key known exploited vulnerabilities mirai packets poc rapid7 shadowserver under vulnerabilities vulnerability zyxel zyxel firewalls

More from www.helpnetsecurity.com / Help Net Security

Most people still rely on memory or pen and paper for password management 1 day, 22 hours ago | www.helpnetsecurity.com

accounts australia authentication bitwarden +24

LSA Whisperer: Open-source tools for interacting with authentication packages 1 day, 23 hours ago | www.helpnetsecurity.com

authentication azuread cybersecurity github +16

What AI can tell organizations about their M&A risk 1 day, 23 hours ago | www.helpnetsecurity.com

acquisition adoption ai adoption amp +19

Breaking down the numbers: Cybersecurity funding activity recap 2 days ago | www.helpnetsecurity.com

10 million aim aim security alethea +55

New infosec products of the week: April 26, 2024 2 days ago | www.helpnetsecurity.com

april capabilities cyber cyberint +21

Net neutrality has been restored 2 days, 9 hours ago | www.helpnetsecurity.com

actions broadband communications consumers +24

Stellar Cyber and Acronis team up to provide optimized threat detection solutions for MSPs 2 days, 14 hours ago | www.helpnetsecurity.com

acronis aim and response cloud +22

Edgio Client-Side Protection enables organizations to secure critical customer data 2 days, 14 hours ago | www.helpnetsecurity.com

apis browser client client-side +26

IBM to buy HashiCorp in $6.4 billion cash deal, expanding cloud portfolio 2 days, 15 hours ago | www.helpnetsecurity.com

agreement capabilities cash cloud +18

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Application Security Engineer - Enterprise Engineering

@ Meta | Bellevue, WA | Seattle, WA | New York City | Fremont, CA

View on infosec-jobs.com

Security Engineer

@ Retool | San Francisco, CA

View on infosec-jobs.com

Senior Product Security Analyst

@ Boeing | USA - Seattle, WA

View on infosec-jobs.com

Junior Governance, Risk and Compliance (GRC) and Operations Support Analyst

@ McKenzie Intelligence Services | United Kingdom - Remote

View on infosec-jobs.com

GRC Integrity Program Manager

@ Meta | Bellevue, WA | Menlo Park, CA | Washington, DC | New York City

View on infosec-jobs.com