Let me remind you that we wrote that Cloudflare Coped With The Most Powerful DDoS Attack to Date, and also that Developers Can’t Fix a Serious Vulnerability in OpenSSL.

Albert Pedersen

In an article published earlier this week, Pedersen revealed that he alerted Cloudflare to the problem via HackerOne as early as December 7, 2021. According to [...]

The latest vulnerability has the identifier CVE-2022-1040 and is rated as critical on the CVSS scale (9.8 points out of 10 possible).

The bug reportedly allows remote attackers to bypass authentication through the firewall’s user portal or web admin and then execute arbitrary code. The vulnerability was discovered by an anonymous researcher who reported it through the official bug bounty program and stated that the issue affects Sophos Firewall 18.5 MR3 (18.5.3) and earlier.

So far, little is known about attacks that exploit this [...]

Companies on this list are prohibited from purchasing telecommunications equipment and services, parts and components from US companies without specific government approval, and are not eligible for FCC funding. Let me remind you that such giants as Huawei and ZTE have already been included in this list.

According to the US authorities, the products of the banned companies pose a threat to US national security. The ban was imposed under a law that [...]