Security news aggregator

Latest coverage for Firewalls

Stay secure with our latest firewall updates, trends, and expert insights in information security to protect your digital assets effectively.

6 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Firewalls are security controls that permit or block network connections according to policy. They can operate at network boundaries, between internal segments, on individual hosts, or in cloud environments. Basic rules use addresses, ports, protocols, and connection state; more advanced firewalls may inspect applications or encrypted traffic where configured. Their purpose is to limit which systems can communicate, not to determine that all permitted traffic is safe.

Security depends heavily on accurate policy and maintenance. Overly broad, obsolete, or conflicting rules can expose services or allow unnecessary lateral movement, while unmanaged administrative interfaces and unpatched firewall software create additional attack surfaces. Practitioners should restrict management access, apply least-privilege rules, review and remove exceptions, and monitor logs for unexpected connections and policy changes. Firewall logs can support investigation, but encryption, evasion, and traffic allowed by policy may limit what the control can detect.

Showing 6 most recent headlines Filtered view

The Cybersecurity and Infrastructure Security Agency (CISA) has added two more vulnerabilities to its list of actively exploited bugs, a code injection bug in the Spring Cloud Gateway library and a command injection flaw in Zyxel firmware for business firewalls and VPN devices. [...]

The Cybersecurity and Infrastructure Security Agency (CISA) has added two more vulnerabilities to its list of actively exploited bugs, a code injection bug in the Spring Cloud Gateway library and a command injection flaw in Zyxel firmware for business firewalls and VPN devices. [...]

Image source: z3r00t The U.S. Cybersecurity and Infrastructure Security Agency on Monday added two security flaws, including the recently disclosed remote code execution bug affecting Zyxel firewalls, to its Known Exploited Vulnerabilities Catalog, citing evidence of active exploitation