Palo Alto Networks News Articles
Recent news articles refferecing the vendors vulnerabilities.
Australian Cyber Security Magazine CVE-2024-0012Palo Alto Tracking PAN-OS Authentication Bypass Exploitation Activity
Palo Alto Networks and Unit 42 are tracking a limited set of exploitation activities related to CVE-2024-0012 and are working with external researchers, partners, and customers to share information transparently and rapidly. An authentication bypass in Palo Alto Networks PAN-OS software enables an u...
2 days ago
The Register CVE-2024-0012CVE-2024-9474Palo Alto Networks patches firewall-busting zero-days
Palo Alto Networks (PAN) finally released a CVE identifier and patch for the zero-day exploit that caused such a fuss last week. The vendor dropped details of two vulnerabilities exploited as zero-days. The...
2 days ago
CVE-2024-0012CVE-2024-9474Palo Alto Networks patches firewall-busting zero-days
Palo Alto Networks (PAN) finally released a CVE identifier and patch for the zero-day exploit that caused such a fuss last week. The vendor dropped details of two vulnerabilities exploited as zero-days. The...
2 days ago
watchTowr Labs - Blog CVE-2024-0012CVE-2024-9474Pots and Pans, AKA an SSLVPN - Palo Alto PAN-OS CVE-2024-0012 and CVE-2024-9474
Note: Since this is 'breaking' news and more details are being released, we're updating this post as more details become available (and as we think of better memes). Mash that F5 key every so often for a better blogpost experience! It's no big news that threat actors just love popping
2 days ago
Help Net Security CVE-2024-0012CVE-2024-9474Attackers are exploiting 2 zero-days in Palo Alto Networks firewalls (CVE-2024-0012, CVE-2024-9474) - Help Net Security
Palo Alto Networks fixes two actively exploited zero-day vulnerabilities (CVE-2024-0012, CVE-2024-9474) in its next-generation firewalls.
2 days ago
Palo Alto Networks patches two firewall zero-days used in attacks
Palo Alto Networks has finally released security updates for an actively exploited zero-day vulnerability in its Next-Generation Firewalls (NGFW).
3 days ago
The Cyber Express CVE-2024-0012CVE-2024-9474Palo Alto Reports Two More Bugs In PAN-OS Being Exploited
Palo Alto Networks has confirmed the availability of patches to address these issues and said it is "tracking a limited set of exploitation activity" of these PAN-OS vulnerabilities.
3 days ago
Palo Alto Networks CVE-2024-0012Threat Brief: Operation Lunar Peek, Activity Related to CVE-2024-0012
We detail the observed limited activity regarding authentication bypass vulnerability CVE-2024-0012 affecting specific versions of PAN-OS software, and include protections and mitigations. We detail the observed limited activity regarding authentication bypass vulnerability CVE-2024-0012 affecting s...
3 days ago
Help Net Security CVE-2024-9463CVE-2024-9465Palo Alto Networks firewalls, Expedition under attack (CVE-2024-9463, CVE-2024-9465) - Help Net Security
Attackers have been spotted exploiting two additional vulnerabilities (CVE-2024-9463, CVE-2024-9465) in Palo Alto Networks' Expedition.
6 days ago
CISA adds two more vulnerabilities in Palo Alto Networks tools to exploited catalogue
CISA expands Known Exploited Vulnerabilities Catalogue with two newly identified vulnerabilities in Palo Alto Networks' Expedition tool.
6 days ago
GBHackers News CVE-2024-9463CVE-2024-9465CISA Warns of Actors Exploiting Two Palo Alto Networks Vulnerabilities
CISA has issued an urgent alert and added two new vulnerabilities related to Palo Alto Networks to its Known Exploited Vulnerabilities Catalog.
6 days ago
CISA warns of more Palo Alto Networks bugs exploited in attacks
CISA warned today that two more critical security vulnerabilities in Palo Alto Networks' Expedition migration tool are now actively exploited in attacks.
1 week ago
Palo Alto Networks warns of potential PAN-OS RCE vulnerability
Palo Alto Networks warned customers to restrict access to their next-generation firewalls because of a potential remote code execution vulnerability in the PAN-OS management interface.
2 weeks ago
Help Net Security CVE-2024-5910Critical Palo Alto Networks Expedition bug exploited (CVE-2024-5910) - Help Net Security
A vulnerability (CVE-2024-5910) in Palo Alto Networks Expedition, a firewall configuration migration tool, is being exploited by attackers.
2 weeks ago
The Cyber Express CVE-2024-5910CISA Says Palo Alto's CVE-2024-5910 Under Active Exploit
The U.S. CISA issued an urgent alert regarding an actively exploited vulnerability - CVE-2024-5910 in Palo Alto Networks' Expedition tool.
2 weeks ago
The Stack CVE-2024-5910CVE-2024-9464CISA: Critical Palo Alto Networks vulnerability exploited in the wild
Expedition, a migration tool, hit by bug that could allow attackers with network access to "access secrets, credentials, and other data".
2 weeks ago
GBHackers News CVE-2024-5910CISA warns of Critical Palo Alto Networks Vulnerability Exploited in Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns organizations of a critical vulnerability in Palo Alto Networks’ Expedition tool, which could lead to severe security breaches. The vulnerability, CVE-2024-5910, is classified as a “Missing Authentication” flaw that potentially a...
2 weeks ago
Palo Alto Networks Expedition Vulnerability Exploited in Attacks, CISA Warns
CISA has added a Palo Alto Networks Expedition flaw tracked as CVE-2024-5910 to its Known Exploited Vulnerabilities Catalog.
2 weeks ago
CISA warns of critical Palo Alto Networks bug exploited in attacks
Today, CISA warned that attackers are exploiting a critical missing authentication vulnerability in Palo Alto Networks Expedition, a migration tool that can help convert firewall configuration from Checkpoint, Cisco, and other vendors to PAN-OS.
2 weeks ago
6.2K Palo Alto firewalls still at risk as exploits increase
Proof-of-concept exploits for CVE-2024-3400 are now publicly available.
1 month ago
wiz.io CVE-2024-9463CVE-2024-94643 Critical CVEs in Palo Alto Networks Expedition | Wiz Blog
Urgent: Multiple critical vulnerabilities in Palo Alto Expedition require immediate patching. Learn about CVE-2024-9463 to CVE-2024-9467 and mitigation steps.
1 month ago
prophaze.com CVE-2024-9463CVE-2024-9463 : PALO ALTO EXPEDITION UP TO 1.2.95 DEVICE CONFIGURATION OS COMMAND INJECTION - Cloud WAF
CVE-2024-9463 : An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition.
1 month ago
The Hacker News CVE-2024-9464CVE-2024-9465CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Security Patches
CISA flags a critical Fortinet flaw under active exploitation. Palo Alto Networks and Cisco also release urgent security patches.
1 month ago
Palo Alto Networks warns of firewall hijack bugs with public exploit
Palo Alto Networks warned customers today to patch security vulnerabilities (with public exploit code) that can be chained to let attackers hijack PAN-OS firewalls.
1 month ago
The Cyber Express CVE-2024-5915CVE-2024-5916CERT-IN Warns About Vulnerabilities In Palo Alto Networks
CERT-IN has issued advisories regarding critical vulnerabilities in Palo Alto Networks applications. Users are urged to update to mitigate these risks.
3 months ago
Palo Alto Networks CVE-2024-3400Threat Brief: Operation MidnightEclipse, Post-Exploitation Activity Related to CVE-2024-3400 (Updated May 20)
We detail Operation MidnightEclipse, a campaign exploiting command injection vulnerability CVE-2024-3400, and include protections and mitigations.
4 months ago
Security Affairs CVE-2024-5911Palo Alto Networks fixed a critical bug in the Expedition tool
Palo Alto Networks addressed five vulnerabilities impacting its products, including a critical authentication bypass issue.
4 months ago
Security Affairs CVE-2024-5911Palo Alto Networks fixed a critical bug in the Expedition tool
Palo Alto Networks addressed five vulnerabilities impacting its products, including a critical authentication bypass issue.
4 months ago
prophaze.com CVE-2024-5910CVE-2024-5910 : PALO ALTO NETWORKS EXPEDITION UP TO 1.2.91 MISSING AUTHENTICATION - Cloud WAF
CVE-2024-5910 : Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition.
4 months ago
SystemTek CVE-2024-5910Palo Alto Networks critical flaw in Expedition Migration Tool [CVE-2024-5910]
CVE number = CVE-2024-5910 CVSS Score = 9.3 Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access...
4 months ago
Palo Alto Networks PAN-OS critical 0-day exploited; hotfixes available
The max severity (CVSS 10) bug enables command injection through the GlobalProtect feature.
5 months ago
Active Palo Alto vulnerability exploitation puts over 22K firewalls at risk
BleepingComputer reports that ongoing attacks exploiting the critical Palo Alto Networks PAN-OS command injection flaw, tracked as CVE-2024-3400, could still compromise nearly 22,500 Palo Alto GlobalProtect firewall instances around the world despite the availability of patches.
5 months ago
The Cyber Express CVE-2024-3400RedTail Cryptominer Exploits Palo Alto PAN-OS CVE-2024-3400
The operators behind the RedTail cryptominer leverages Palo Alto CVE-2024-3400 vulnerability, exploiting private cryptomining pools.
6 months ago
CyberWire CVE-2024-3400Understanding the Midnight Eclipse Activity and CVE 2024-3400
In this episode of Threat Vector, host David Moulton and Andy Piazza, Sr. Director of Threat Intelligence at Unit 42, dive into the critical vulnerability CVE-2024-3400 found in PAN-OS software of Palo Alto Networks, emphasizing the importance of immediate patching and mitigation strategies for such...
6 months ago
The Hacker News CVE-2024-3400RedTail Crypto-Mining Malware Exploiting Palo Alto Networks Firewall Vulnerability
RedTail malware strikes again! Now exploiting a critical Palo Alto Networks firewall vulnerability (CVE-2024-3400).
6 months ago
Your TV Is Scanning You – PSW #826
This week the crew discusses: When TVs scan your network, bad things can happen, PuTTY is vulnerable, Crush FTP, vulnerabilities that will never be fixed, CVEs are for vulnerabilities silly, you can test for easily guessable passwords too, FlipperZero can steal all your passwords, more XZ style atta...
6 months ago
知识星球
▌苹果用户加入说明 前往 https://github.com/CHYbeta 使用微信扫描主页星球二维码,通过公众号加入。 ▌费用说明 (24年5月3日涨价至 250元 ) 1. 加入费用。星球现价¥250 元。星球价格随 内容沉淀 与 人员数量 适当提高。 2. 续费费用。星球每月积分第一同学可以免费续一年星球。普通老会员享受低价续费,目前6.5折。详见 https://t.zsxq.com/NFUFuFA 3. 对自己:最好的投资就是投资自己。对知识分享者:授人以鱼不如授人以渔。投稿发帖可获得相应红包奖励。 ▌星球介绍 关注漏洞情报分析、聚焦代码特性审计、分享挖洞众测渗透技巧,拒绝伸...
6 months ago
Help Net Security CVE-2024-3400Palo Alto firewalls: CVE-2024-3400 exploitation and PoCs for persistence after resets/upgrades - Help Net Security
There are PoC techniques allowing attackers to achieve persistence on Palo Alto Networks firewalls despite resets and upgrades.
7 months ago
The Hacker News CVE-2024-3400Palo Alto Networks Outlines Remediation for Critical PAN-OS Flaw Under Attack
A critical vulnerability (CVE-2024-3400) in PAN-OS could expose your systems to remote code execution attacks.
7 months ago
The Cyber Express CVE-2024-3400Palo Alto Warns Of Firewall Vulnerability (CVE-2024-3400)
Palo Alto has discovered a high-severity critical flaw (CVE-2024-3400) firewall vulnerability and an advisory to guide users and administrators.
7 months ago
Siemens Working on Fix for Device Affected by Palo Alto Firewall Bug
Growing attacks targeting the flaw prompted CISA to include it in the known exploited vulnerabilities catalog earlier this month.
7 months ago
6.2K Palo Alto firewalls still at risk as exploits increase
Proof-of-concept exploits for CVE-2024-3400 are now publicly available.
7 months ago
Siemens Industrial Product Impacted by Exploited Palo Alto Firewall Vulnerability
Palo Alto Networks firewall vulnerability CVE-2024-3400, exploited as a zero-day, impacts a Siemens industrial product.
7 months ago
Thousands of Palo Alto Firewalls Potentially Impacted by Exploited Vulnerability
Shadowserver has identified roughly 6,000 internet-accessible Palo Alto Networks firewalls potentially vulnerable to CVE-2024-3400.
7 months ago
CSO Online CVE-2024-3400More attacks target recently patched critical flaw in Palo Alto Networks firewalls
The vulnerability found in GlobalProtect could be exploited to gain access to corporate networks and has seen a rise in compromise attempts despite being patched.
7 months ago
The Hacker News CVE-2024-3400Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack
A critical vulnerability (CVE-2024-3400) in Palo Alto Networks PAN-OS is being actively exploited by threat actors.
7 months ago
22,500 Palo Alto firewalls "possibly vulnerable" to ongoing attacks
Approximately 22,500 exposed Palo Alto GlobalProtect firewall devices are likely vulnerable to the CVE-2024-3400 flaw, a critical command injection vulnerability that has been actively exploited in attacks since at least March 26, 2024.
7 months ago