Major Security Flaws Observed Zyxel VPN

Zyxel | January 05, 2021

At least a hundred thousand Zyxel devices have been delivered with a hardcoded admin-level backdoor account - a security bargain of the most noteworthy seriousness. The vulnerability, later affirmed by the company itself, was first spotted by cybersecurity researchers from Eye Control.

According to their report, the hardcoded account can be utilized to gain root access to many of Zyxel's devices, some of which are utilized by ventures at the edge of their organizations. These incorporate firewalls, VPN gateways, and access point regulators.

According to Eye Control, the account had root access to the gadget because it was being utilized to install firmware updates to other interconnected Zyxel devices through FTP.

Whenever bargained, the affected devices could be utilized by criminals to launch DDoS attacks and ransomware operations, or as a venturing stone to facilitate more perplexing cyberattacks.

Zyxel has already given patches for the Advanced Threat Protection (ATP) arrangements, Unified Security Gateway (USG) arrangement, USG Flex, and VPN arrangement, with a patch for the WLAN access point regulator NXC arrangement coming in April.

Clients are advised to install the relevant patches, which eliminate the backdoor account.

About Zyxel

Focused on innovation and customer-centricity, Zyxel has been connecting people to the internet for nearly 30 years. We keep promoting creativity which meets the needs of customers. This spirit has never been changed since we developed the world’s first integrated 3-in-1 data/fax/voice modem in 1992. Our ability to adapt and innovate with networking technology places us at the forefront of understanding connectivity for telco/service providers, businesses and home users.


AHEAD discusses their initial impressions and excitement on the potential applications of VMware Cloud Flex Storage.


AHEAD discusses their initial impressions and excitement on the potential applications of VMware Cloud Flex Storage.

Related News


Coretelligent Announces Acquisition of NetCom Systems

Coretelligent | February 16, 2023

On February 15, 2023, Coretelligent, a leading provider of comprehensive managed and co-managed white glove IT support, digital transformation, cybersecurity, cloud integration and compliance and Norwest Equity Partners (NEP), a renowned middle-market investment firm, announced the acquisition of NetCom Systems, Inc. The financial terms of the deal were not disclosed. NetCom Systems, headquartered in Roswell, GA, has been providing IT support to businesses throughout the Southeast for 36 years. They offer a range of services, such as security, managed and co-managed IT solutions, business continuity, and cloud services. This acquisition provides Coretelligent with additional network and cloud infrastructure, virtual desktop infrastructure and application management, which improves the current resources and enables necessary redundancies to strengthen its already secure infrastructure further. This is Coretelligent's sixth acquisition in total and the third since NEP added Coretelligent to its investment portfolio in October 2021. SoundView IT Solutions, LLC., United Technology Group, LLC., Lighthouse Technology Partners, Soundshore Technology Group and Chateaux are among Coretelligent's previous acquisitions. Coretelligent's Founder, President, and CEO, Kevin J. Routhier, commented, "We are delighted to welcome NetCom and their top-tier customers and well-respected team into the Coretelligent family. Our shared tenet of being a trusted partner, passion for providing first-rate customer service, high standards for technical expertise, and the comparable makeup of our solutions made bringing our two firms together a natural conclusion." He added, "Through the acquisition of NetCom, Coretelligent has effectively enhanced its services and further strengthened its commitment to delivering the highest-quality service. This acquirement is a mutually advantageous arrangement that benefits our shared clients and provides our current and new team members with abundant opportunities." (Source – Business Wire) About Coretelligent Coretelligent, headquartered in Needham, Massachusetts, is a leading provider of comprehensive DevOps, IT support, cloud services, cybersecurity, digital transformation, and more. Its team of industry experts delivers high-quality services to leading organizations, helping them thrive in the digital economy. As one of the country's most decorated IT service providers, it offers complete IT support around the clock, 365 days a year. In addition, the company's proprietary technological solutions and comprehensive security services guarantee top-notch business performance and data protection for clients' critical information assets.

Read More


NordVPN Confirms Third No-Log Policy Assurance Engagement with Deloitte's Seal of Approval

NordVPN | January 20, 2023

NordVPN, a cybersecurity company, has confirmed its third no-log policy assurance engagement, which was conducted by Deloitte, a leading Big Four auditing firm. NordVPN is committed to protecting the privacy, security, and anonymity of its customers. This third no-log policy assurance engagement is part of that commitment. The engagement included a thorough analysis of NordVPN's processes and configurations for standard VPN, obfuscated VPN, onion over VPN, double VPN, and P2P servers, as well as an inspection of the server configuration and central infrastructure. This showed that NordVPN's customers get a VPN service that complies with its no-logs policy. Product strategist at NordVPN, Vykintas Maknickas, said, “We are proud to be examined for the third time, representing our continuous efforts to assure transparency to our users. We are delighted to receive the Deloitte stamp of approval, which proves that when we say privacy, we truly mean it." (Source - Globenewswire) The assurance engagement is the third that NordVPN has undergone, with the first being in 2018 and the second in 2020, showing the company's commitment to privacy. The full "no logs assurance engagement report" is available on NordVPN's website. Through these engagements, NordVPN has been able to provide customers with assurance that their data is secure and private. About NordVPN NordVPN is a virtual private network (VPN) provider that masks your IP address and encrypts your internet connection to protect your privacy and security online. It prevents third-party snoopers such as ISPs or advertisers from tracking your online activities, and allows you to securely connect to public Wi-Fi hotspots without worrying about hackers stealing your data. With NordVPN, you can surf the internet without any restrictions, as it offers access to over 5600 servers in 60 countries. NordVPN is one of the most advanced VPN service providers in the world, offering features like double VPN encryption, Onion Over VPN, zero tracking, and Threat Protection. It is user-friendly and offers competitive pricing.

Read More


ThinPrint Launches Cloud Print Server on Azure for Fast and Reliable Printing in Private Cloud

ThinPrint | March 02, 2023

ThinPrint has released its Azure Cloud Print Server, which is a print server that is optimized for the cloud and makes it possible to print quickly and reliably in the private cloud. The management portal gives businesses full control over their print environments, and the reduced workload and bandwidth usage saves money and improves ROI. The Azure Cloud Print Server also uses secure authentication and authorization to make sure that documents stay private and safe. Also, the server can be connected to other IT systems, which makes it easier to manage printers in different places. ThinPrint's Azure Cloud Print Server is made to be very safe, with user authentication and encrypted data in transit. Also, the server can be added to an already existing IT system, which makes it easy to switch to cloud printing. Charlotte Kuenzell, the CEO of ThinPrint, said, "We are excited to introduce our Cloud Print Server on Azure, which provides government and enterprise customers with a solution for fast and reliable printing to virtual desktop environments in the private cloud." She also said, "With adaptive compression, SSL encryption, and simplified printer mapping, our Cloud Print Server delivers the highest levels of performance, security, and control in the private cloud." (Source - Globenewswire) The Cloud Print Server has features that are used in other settings, like advanced and adaptive compression, SpeedCache, streaming, font management, and printing without a driver for all printer models. The ThinPrint Cloud Print Server, including all features, is available for free trial in the private cloud for the first 30 days. About ThinPrint ThinPrint has 20 years of enterprise printing experience. ThinPrint's solutions provide secure, high-performance printing with a seamless user experience as networks and end devices become more complex. From endpoint printers to innovative end devices, their technology supports printing innovations. The company prioritizes print infrastructure management, network performance optimization, and user satisfaction. ThinPrint has over 30,000 corporate customers and over 100 desktop as a service and software as a service providers who use their printing solutions. ThinPrint added ezeep and its native cloud technology to their cloud portfolio in 2015, making it the leading printing solution for coworking and shared spaces. ThinPrint has offices in the US, UK, Australia, Japan, and China and over 350 channel partners worldwide to provide local support and develop and test its solutions in Berlin, Germany. Innovative companies can overcome all printing challenges with ThinPrint.

Read More