Networks
-
Blog
Palo Alto Networks warns of critical RCE zero-day exploited in attacks
Palo Alto Networks is warning that a critical zero-day vulnerability on Next-Generation Firewalls (NGFW) management interfaces, currently tracked as ‘PAN-SA-2024-0015,’ is actively being exploited in attacks. The flaw was originally disclosed on November 8, 2024, with Palo Alto Networks warning customers to restrict access to their next-generation firewalls because of a “potential” remote code execution (RCE) vulnerability impacting them. No signs…
Read More » -
Blog
CISA warns of more Palo Alto Networks bugs exploited in attacks
CISA warned today that two more critical security vulnerabilities in Palo Alto Networks’ Expedition migration tool are now actively exploited in the wild. Attackers can use the two unauthenticated command injection (CVE-2024-9463) and SQL injection (CVE-2024-9465) vulnerabilities to hack into unpatched systems running the company’s Expedition migration tool, which helps migrate configurations from Checkpoint, Cisco, and other supported vendors. While…
Read More » -
Blog
Palo Alto Networks warns of potential PAN-OS RCE vulnerability
Today, cybersecurity company Palo Alto Networks warned customers to restrict access to their next-generation firewalls because of a potential remote code execution vulnerability in the PAN-OS management interface. In a security advisory published on Friday, the company said it doesn’t yet have additional information regarding this alleged security flaw and added that it has yet to detect signs of active exploitation.…
Read More » -
Blog
CISA warns of critical Palo Alto Networks bug exploited in attacks
Today, CISA warned that attackers are exploiting a critical missing authentication vulnerability in Palo Alto Networks Expedition, a migration tool that can help convert firewall configuration from Checkpoint, Cisco, and other vendors to PAN-OS. This security flaw, tracked as CVE-2024-5910, was patched in July, and threat actors can remotely exploit it to reset application admin credentials on Internet-exposed Expedition servers. “Palo Alto Expedition contains…
Read More » -
Blog
Warning issued after SharePoint flaw puts entire corporate networks at risk
Security researchers have issued an alert over threat actors exploiting a recently disclosed vulnerability in Microsoft Sharepoint, warning the weakness could allow attackers to compromise the entire network. Researchers from Rapid7’s incident response team have published findings from an investigation where hackers compromised a Microsoft Exchange service account by exploiting a vulnerability in a public-facing application. The attacker was able…
Read More » -
Blog
Fog ransomware targets SonicWall VPNs to breach corporate networks
Fog and Akira ransomware operators are increasingly breaching corporate networks through SonicWall VPN accounts, with the threat actors believed to be exploiting CVE-2024-40766, a critical SSL VPN access control flaw. SonicWall fixed the SonicOS flaw in late August 2024, and roughly a week later, it warned that it was already under active exploitation. At the same time, Arctic Wolf security…
Read More » -
Blog
Black Basta ransomware poses as IT support on Microsoft Teams to breach networks
The BlackBasta ransomware operation has moved its social engineering attacks to Microsoft Teams, posing as corporate help desks contacting employees to assist them with an ongoing spam attack. Black Basta is a ransomware operation active since April 2022 and responsible for hundreds of attacks against corporations worldwide. After the Conti cybercrime syndicate shut down in June 2022 following a series of embarrassing…
Read More » -
Blog
Where next for private cloud networks?
However you define “private cloud” or segment the analysis, it’s on the up. Although organizations are moving away from owning their own on premises infrastructure in their own data centers, they’re not guaranteed to choose the public cloud as they might have in the early cloud boom years. So says Terry Storrar, managing director at Leaseweb, who tells ITPro that…
Read More » -
Blog
Palo Alto Networks warns of firewall hijack bugs with public exploit
Palo Alto Networks warned customers today to patch security vulnerabilities (with public exploit code) that can be chained to let attackers hijack PAN-OS firewalls. The flaws were found in Palo Alto Networks’ Expedition solution, which helps migrate configurations from other Checkpoint, Cisco, or supported vendors. They can be exploited to access sensitive data, such as user credentials, that can help…
Read More » -
Blog
Emerson and Nozomi Networks announce expanded partnership
Software and technology provider, Emerson, and operational technology (OT) security specialist, Nozomi Networks, have announced an expansion of their existing partnership. The new agreement aims to better address the growing demand for OT cybersecurity services and solutions across the power and water industries, with Nozomi’s advanced solutions for industrial control system cyber resiliency and real-time operational visibility now available to…
Read More »