Category : Firewall

Hotfix applied to XG Firewall v17.5 for Exim vulnerability


Some of you may be aware that security researchers recently discovered a security vulnerability in a popular email server, Exim. Exim is used by XG Firewall v17.5, specifically if a customer has enabled Email Protection. There is no need to worry: Sophos has you covered.
On Friday 7 June 2019, Sophos released and automatically applied an over-the-air hotfix to all XG Firewalls with auto-updates enabled to address this issue. If your XG Firewall does not have auto-updates enabled, please review KB134199 and contact Sophos Support.

Exim mail servers patching:

Cisco Firewall flaw allows hackers to take control of devices


Recent headlines this week reported that three models of Cisco wireless VPN firewalls and routers from the small business RV series contain a critical unpatched vulnerability that hackers can use to take control of the devices. The vulnerability is in the Web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, RV130W Wireless-N Multifunction VPN Router and RV215W Wireless-N VPN Router. Attackers only need to send an unauthenticated HTTP request with custom user data, and the vulnerability can easily be exploited if the devices are configured for remote management.

Unfortunately, this is not the only unpatched vulnerability in the three Cisco models. The company also warns of a cross-site scripting (XSS) flaw as well as two buffer overflows that could lead to denial-of-service conditions. Exploiting the buffer overflows requires attackers to have an authenticated session in the device's Web-based interface, but the XSS flaw is easily triggered by tricking authenticated users into clicking on malicious URLs. A successful exploit allows attackers to access sensitive browser-based information. Because the XSS flaw can be combined with other vulnerabilities, it is difficult for users to find a mitigation strategy without patches. If users disable external management on their devices in an attempt to protect themselves from this vulnerability, the devices will still be exposed through the cross-site scripting flaw.

Unfortunately, no patches are available for any of the 3 security flaws. Cisco plans to release firmware updates that will address the latest flaws sometime within the third quarter of 2016.





If you would like to educate yourself in more detail about the information presented in this blog post please visit: Flaws expose Cisco small-business routers, firewalls to hacking

Who’s in Charge of Your Cybersecurity?


The first step in successful cyber-security is getting every employee on board. It is pretty obvious that some hardware goes into creating a security shield around important data. As an Information Technology company ourselves, we already know the value that firewall and anti-virus software have in making your network more secure. However, in order to adopt a more proactive protection policy, the groundwork needs to be laid, starting with company culture and communication. It is increasingly important to enforce awareness and education in order to save a lot of headaches later down the line.

The CEO of the company needs to take interest in cyber-security before any of the employees can get on board. Simple risk analysis is a great start. Buying products online is not sufficient. A knowledgeable IT professional should be on hand. You need someone who is going to leverage the right equipment as well as set security measures that fit your establishment.

“The cyber threat cannot be solved by buying products” says Tim Holman, president of the Information Systems Security Association in the UK. Holman has the right idea: if your company is not equipped with the right skills to manage these products, they are basically junk. It is important to approach cyber-security the way a hacker does. Common sense tells us that reducing the amount of sensitive data stored will always be a great measure. Restricting access to information and getting cyber liability cover are other ways to lessen the probability of attack.

As information continues to flow in and out of your business, remember that with any exchange over the internet comes a great deal of risk. Ensure your company professionals understand how to practice good security efforts. Never open an attachment that is unfamiliar, back up data in two separate places, and utilize solid firewall and anti-virus software. Keep all platforms up to date with the latest patches and security fixes. Top to bottom, cyber-security is the responsibility of all.




If you would like to educate yourself in more detail about the information presented in this blog post please visit: The CISO, the CIO, the CEO, or you: Who is really responsible for cybersecurity?

Cyber Security Threats – Proactive Rather Than Reactive

Security executives have increasingly urged firms to utilize prevention, encouraging a plan that encompasses Information Technology and business units in order to ensure cyber security.

Why, you might ask? As a mere observation, most firms have accepted hackers as a viable threat that will eventually infiltrate their network. Rather than focus on preventative measures, companies have done the opposite, strengthening their reactive forces and mitigating the damage a hacker can do once inside. Although that is important, the focus needs to be on cyber security and data breach prevention in addition to recovery after the fact. This change of mindset ensures significant progress can be made to prevent threats, making better use of time and resources for your company.

John Davis, CSO of Palo Alto Networks’ federal division, suggests “Call for a comprehensive risk analysis, mapping out the different segments of the network and examining the needs of the enterprise along with the security concerns.” He encourages information technology teams and cybersecurity teams to work together for a higher level of performance. Prevention tactics bring together these two forces in a more collective manner.



If you would like to educate yourself in more detail about material presented in this blog post please visit:

Mandatory SonicOS Firmware Upgrade for your Sonicwall Firewall

Issue Summary
In the past, Dell SonicWALL used industry standard 1024-bit certificates. To comply with Certification Authority/Browser forum requirements based on NIST Special Publication 800-131A, as of January 1, 2014, all web browsers and Certification Authorities (CAs) will no longer sell or support 1024-bit RSA certificates. Certificates with less than 2048-bit key length will need to be revoked and replaced with certificates of higher encryption strength.

All current Dell SonicWALL firewalls use versions of SonicOS firmware with the 2048-bit security standard. Recent updates and upgrades of SonicOS firmware use the industry standard and recommended 2048-bit certificate.

This is an urgent notification that on January 1, 2014, all web browsers and Certification Authorities (CAs) will no longer support 1024-bit RSA certificates. This change is not driven by Dell SonicWALL, but rather a decision by Certificate Authorities to enforce the use of highly secure certificates. Certificates using the 1024-bit key length will be revoked and must be replaced with certificates of higher encryption strength.

If you own a Dell SonicWALL firewall with an older firmware version that does not use 2048-bit certificates you must upgrade the firmware to the latest version or the minimum General Release version which includes the 2048-bit certificate as listed in the Firmware Upgrade Table below by December 31, 2013. Dell SonicWALL is providing the minimum firmware upgrade to all customers regardless of support contract status.

How does this issue affect me?

If you own a Dell SonicWALL firewall with an older firmware version that does not support 2048-bit certificates, the firewall will NOT be able to get real-time license information or the latest security services updates from our back-end systems. Existing security services on Dell SonicWALL firewalls that use 1024-bit certificates will continue to block previously-known threats, but the lack of updates may expose the protected network to new threats and exploits. In addition, you will NOT be able to activate and renew security services.
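
The 2048-bit threshold described above can be checked on any certificate an appliance or service presents. The following is an added example, not code from Dell SonicWALL or the original post: it reads the RSA modulus length from a DER-encoded X.509 certificate using only the Python standard library. The helper names (`read_tlv`, `children`, `rsa_key_bits`, `audit`, `tlv`, `sample_cert`) are hypothetical, and `sample_cert` builds constructed, unsigned test data rather than real keys.

```python
RSA_OID = bytes.fromhex("2a864886f70d010101")  # 1.2.840.113549.1.1.1 rsaEncryption
MIN_BITS = 2048  # minimum RSA key length stated in the notice

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits count the length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:pos + length], pos + length

def children(value):
    """Split the body of a constructed element into (tag, value) pairs."""
    out, pos = [], 0
    while pos < len(value):
        tag, val, pos = read_tlv(value, pos)
        out.append((tag, val))
    return out

def rsa_key_bits(cert_der):
    """Return the RSA modulus size in bits, or None if the key is not RSA."""
    tbs = children(children(read_tlv(cert_der, 0)[1])[0][1])
    tbs = tbs[1:] if tbs[0][0] == 0xA0 else tbs  # skip optional [0] version
    spki = children(tbs[5][1])  # after serial, sigAlg, issuer, validity, subject
    if children(spki[0][1])[0][1] != RSA_OID:
        return None
    rsa_key = children(spki[1][1][1:])[0][1]  # BIT STRING minus unused-bits byte
    return int.from_bytes(children(rsa_key)[0][1], "big").bit_length()

def audit(cert_der):
    """Classify a certificate as 'ok', 'weak' (RSA under MIN_BITS) or 'not-rsa'."""
    bits = rsa_key_bits(cert_der)
    return "not-rsa" if bits is None else "ok" if bits >= MIN_BITS else "weak"

def tlv(tag, body):  # DER encoder, used only to build the constructed samples
    if len(body) < 0x80:
        return bytes([tag, len(body)]) + body
    size = len(body).to_bytes((len(body).bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(size)]) + size + body

def sample_cert(bits, oid=RSA_OID):
    """Constructed, unsigned certificate skeleton; the modulus is a placeholder."""
    modulus = ((1 << (bits - 1)) | 1).to_bytes(bits // 8 + 1, "big")
    key = tlv(0x30, tlv(0x02, modulus) + tlv(0x02, b"\x01\x00\x01"))
    alg = tlv(0x30, tlv(0x06, oid) + tlv(0x05, b""))
    spki, empty = tlv(0x30, alg + tlv(0x03, b"\x00" + key)), tlv(0x30, b"")
    tbs = tlv(0x30, tlv(0xA0, tlv(0x02, b"\x02")) + tlv(0x02, b"\x01") + empty * 4 + spki)
    return tlv(0x30, tbs + empty + tlv(0x03, b"\x00"))
```

For a real certificate in PEM form, `ssl.PEM_cert_to_DER_cert()` from the standard library produces the DER bytes that `audit()` expects.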

How can I tell what firmware version is running on my firewall?

Follow these steps to find the firmware version running on your Dell SonicWALL firewall.

  • Log into your Dell SonicWALL firewall
  • Click on “System” in the left-hand navigation
  • Look for “Firmware Version” under the “System Information” heading

What actions do I need to take?

Dell SonicWALL strongly recommends upgrading firewalls running older firmware to the minimum General Release version indicated in the table below. The table lists the affected Dell SonicWALL products and the associated minimum required firmware versions. All General Release versions of the required minimum SonicOS version for your appliance(s) are available on

Note: Active support is not required to download the minimum General Release version of the firmware listed in the Firmware Upgrade Table below.

When do I need to do this by?

If you have a Dell SonicWALL firewall that does not support 2048-bit certificates you must upgrade the firmware on the firewall by December 31, 2013.

How do I upgrade the firmware on my firewall?

Firmware must be upgraded on your Dell SonicWALL firewall(s) to the latest firmware version or the minimum firmware version as listed in the table below. The latest or minimum required General Release firmware can be downloaded from the Download Center. The following Knowledge Base articles will guide you through the processes for downloading and upgrading the firmware on your firewall.

  • How to Download SonicOS Firmware
  • How to Upgrade SonicOS Firmware with Current Preferences on a Dell SonicWALL Firewall

What firmware version do I need to upgrade to?

Follow these steps to determine the required firmware version for your Dell SonicWALL firewall.

  • Find your firewall model under the “Dell SonicWALL Firewall” column.
  • Determine if your firewall is running one of the versions listed under “Currently Running Firmware.”
  • Check the “Minimum Required SonicOS Firmware Version” to see if an upgrade is required. If it is, you will need to upgrade to at least the minimum required version listed in the right-hand column of the table.


Dell SonicWALL Firewall | Current Running Firmware | Minimum Required SonicOS Firmware Version
NSA E5500/E6500/E7500/E8500/E8510
NSA 240/2400/3500/4500/5000
TZ 210/210W
TZ 200/200W
TZ 100/100W
5.3.x.x – or older or newer Upgrade not required or newer Upgrade not required –
NSA 2400MX – or newer Upgrade not required
TZ 205/205W
TZ 105/105W – or newer Upgrade not required
PRO 4060/4100/5060 Enhanced or older Enhanced
PRO 2040/3060 Enhanced or older Enhanced Standard or older Standard
PRO 1260 Enhanced or older Enhanced Standard or older Standard
TZ 190/190W Enhanced or older Enhanced
TZ 180/180W Standard or older Standard Enhanced or older Enhanced
TZ 170/170W/170 SP Enhanced or older Enhanced Standard or older Standard
TZ 170 SPW Enhanced or older Enhanced
TZ 150/150W/150W Rev B Standard or older Standard

Product models not affected by this certificate issue include:

  • SuperMassive 9200/9400/9600
  • NSA 2600/3600/4600/5600/6600
  • NSA 250M/250MW
  • NSA 220/220W
  • TZ 215/215W