Palo

  • Blog

    Over 2,000 Palo Alto firewalls hacked using recently patched bugs

    Hackers have already compromised thousands of Palo Alto Networks firewalls in attacks exploiting two recently patched zero-day vulnerabilities. The two security flaws are an authentication bypass (CVE-2024-0012) in the PAN-OS management web interface that remote attackers can exploit to gain administrator privileges and a PAN-OS privilege escalation (CVE-2024-9474) that helps them run commands on the firewall with root privileges. While…

    Read More »
  • Blog

    Palo Alto Networks warns of critical RCE zero-day exploited in attacks

    Palo Alto Networks is warning that a critical zero-day vulnerability on Next-Generation Firewalls (NGFW) management interfaces, currently tracked as ‘PAN-SA-2024-0015,’ is actively being exploited in attacks. The flaw was originally disclosed on November 8, 2024, with Palo Alto Networks warning customers to restrict access to their next-generation firewalls because of a “potential” remote code execution (RCE) vulnerability impacting them. No signs…

    Read More »
  • Blog

    CISA warns of more Palo Alto Networks bugs exploited in attacks

    CISA warned today that two more critical security vulnerabilities in Palo Alto Networks’ Expedition migration tool are now actively exploited in the wild. Attackers can use the two unauthenticated command injection (CVE-2024-9463) and SQL injection (CVE-2024-9465) vulnerabilities to hack into unpatched systems running the company’s Expedition migration tool, which helps migrate configurations from Checkpoint, Cisco, and other supported vendors. While…

    Read More »
  • Blog

    Palo Alto Networks warns of potential PAN-OS RCE vulnerability

    Today, cybersecurity company Palo Alto Networks warned customers to restrict access to their next-generation firewalls because of a potential remote code execution vulnerability in the PAN-OS management interface. In a security advisory published on Friday, the company said it doesn’t yet have additional information regarding this alleged security flaw and added that it has yet to detect signs of active exploitation.…

    Read More »
  • Blog

    CISA warns of critical Palo Alto Networks bug exploited in attacks

    Today, CISA warned that attackers are exploiting a critical missing authentication vulnerability in Palo Alto Networks Expedition, a migration tool that can help convert firewall configuration from Checkpoint, Cisco, and other vendors to PAN-OS. This security flaw, tracked as CVE-2024-5910, was patched in July, and threat actors can remotely exploit it to reset application admin credentials on Internet-exposed Expedition servers. “Palo Alto Expedition contains…

    Read More »
  • Blog

    Palo Alto Networks warns of firewall hijack bugs with public exploit

    Palo Alto Networks warned customers today to patch security vulnerabilities (with public exploit code) that can be chained to let attackers hijack PAN-OS firewalls. The flaws were found in Palo Alto Networks’ Expedition solution, which helps migrate configurations from other Checkpoint, Cisco, or supported vendors. They can be exploited to access sensitive data, such as user credentials, that can help…

    Read More »
  • Blog

    Fake Palo Alto GlobalProtect used as lure to backdoor enterprises

    Threat actors target Middle Eastern organizations with malware disguised as the legitimate Palo Alto GlobalProtect Tool that can steal data and execute remote PowerShell commands to infiltrate internal networks further. Palo Alto GlobalProtect is a legitimate security solution offered by Palo Alto Networks that provides secure VPN access with multi-factor authentication support. Organizations widely use the product to ensure remote employees,…

    Read More »
Back to top button
close