Palo Alto Networks News Articles
Recent news articles refferecing the vendors vulnerabilities.
3 Critical CVEs in Palo Alto Networks Expedition | Wiz Blog
Urgent: Multiple critical vulnerabilities in Palo Alto Expedition require immediate patching. Learn about CVE-2024-9463 to CVE-2024-9467 and mitigation steps.
6 days ago
CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Security Patches
CISA flags a critical Fortinet flaw under active exploitation. Palo Alto Networks and Cisco also release urgent security patches.
6 days ago
Palo Alto Networks warns of firewall hijack bugs with public exploit
Palo Alto Networks warned customers today to patch security vulnerabilities (with public exploit code) that can be chained to let attackers hijack PAN-OS firewalls.
1 week ago
Palo Alto Networks fixed a critical bug in the Expedition tool
Palo Alto Networks addressed five vulnerabilities impacting its products, including a critical authentication bypass issue.
3 months ago
Palo Alto Networks fixed a critical bug in the Expedition tool
Palo Alto Networks addressed five vulnerabilities impacting its products, including a critical authentication bypass issue.
3 months ago
CVE-2024-5910 : PALO ALTO NETWORKS EXPEDITION UP TO 1.2.91 MISSING AUTHENTICATION - Cloud WAF
CVE-2024-5910 : Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition.
3 months ago
Palo Alto Networks critical flaw in Expedition Migration Tool [CVE-2024-5910]
CVE number = CVE-2024-5910 CVSS Score = 9.3 Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access...
3 months ago
Palo Alto Networks PAN-OS critical 0-day exploited; hotfixes available
The max severity (CVSS 10) bug enables command injection through the GlobalProtect feature.
3 months ago
Active Palo Alto vulnerability exploitation puts over 22K firewalls at risk
BleepingComputer reports that ongoing attacks exploiting the critical Palo Alto Networks PAN-OS command injection flaw, tracked as CVE-2024-3400, could still compromise nearly 22,500 Palo Alto GlobalProtect firewall instances around the world despite the availability of patches.
3 months ago
RedTail Cryptominer Exploits Palo Alto PAN-OS CVE-2024-3400
The operators behind the RedTail cryptominer leverages Palo Alto CVE-2024-3400 vulnerability, exploiting private cryptomining pools.
5 months ago
Understanding the Midnight Eclipse Activity and CVE 2024-3400
In this episode of Threat Vector, host David Moulton and Andy Piazza, Sr. Director of Threat Intelligence at Unit 42, dive into the critical vulnerability CVE-2024-3400 found in PAN-OS software of Palo Alto Networks, emphasizing the importance of immediate patching and mitigation strategies for such...
5 months ago
RedTail Crypto-Mining Malware Exploiting Palo Alto Networks Firewall Vulnerability
RedTail malware strikes again! Now exploiting a critical Palo Alto Networks firewall vulnerability (CVE-2024-3400).
5 months ago
Your TV Is Scanning You – PSW #826
This week the crew discusses: When TVs scan your network, bad things can happen, PuTTY is vulnerable, Crush FTP, vulnerabilities that will never be fixed, CVEs are for vulnerabilities silly, you can test for easily guessable passwords too, FlipperZero can steal all your passwords, more XZ style atta...
5 months ago
知识星球
▌苹果用户加入说明 前往 https://github.com/CHYbeta 使用微信扫描主页星球二维码,通过公众号加入。 ▌费用说明 (24年5月3日涨价至 250元 ) 1. 加入费用。星球现价¥250 元。星球价格随 内容沉淀 与 人员数量 适当提高。 2. 续费费用。星球每月积分第一同学可以免费续一年星球。普通老会员享受低价续费,目前6.5折。详见 https://t.zsxq.com/NFUFuFA 3. 对自己:最好的投资就是投资自己。对知识分享者:授人以鱼不如授人以渔。投稿发帖可获得相应红包奖励。 ▌星球介绍 关注漏洞情报分析、聚焦代码特性审计、分享挖洞众测渗透技巧,拒绝伸...
5 months ago
Palo Alto firewalls: CVE-2024-3400 exploitation and PoCs for persistence after resets/upgrades - Help Net Security
There are PoC techniques allowing attackers to achieve persistence on Palo Alto Networks firewalls despite resets and upgrades.
6 months ago
Palo Alto Networks Outlines Remediation for Critical PAN-OS Flaw Under Attack
A critical vulnerability (CVE-2024-3400) in PAN-OS could expose your systems to remote code execution attacks.
6 months ago
Palo Alto Warns Of Firewall Vulnerability (CVE-2024-3400)
Palo Alto has discovered a high-severity critical flaw (CVE-2024-3400) firewall vulnerability and an advisory to guide users and administrators.
6 months ago
Siemens Working on Fix for Device Affected by Palo Alto Firewall Bug
Growing attacks targeting the flaw prompted CISA to include it in the known exploited vulnerabilities catalog earlier this month.
6 months ago
6.2K Palo Alto firewalls still at risk as exploits increase
Proof-of-concept exploits for CVE-2024-3400 are now publicly available.
6 months ago
Siemens Industrial Product Impacted by Exploited Palo Alto Firewall Vulnerability
Palo Alto Networks firewall vulnerability CVE-2024-3400, exploited as a zero-day, impacts a Siemens industrial product.
6 months ago
Thousands of Palo Alto Firewalls Potentially Impacted by Exploited Vulnerability
Shadowserver has identified roughly 6,000 internet-accessible Palo Alto Networks firewalls potentially vulnerable to CVE-2024-3400.
6 months ago
More attacks target recently patched critical flaw in Palo Alto Networks firewalls
The vulnerability found in GlobalProtect could be exploited to gain access to corporate networks and has seen a rise in compromise attempts despite being patched.
6 months ago
Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack
A critical vulnerability (CVE-2024-3400) in Palo Alto Networks PAN-OS is being actively exploited by threat actors.
6 months ago
22,500 Palo Alto firewalls "possibly vulnerable" to ongoing attacks
Approximately 22,500 exposed Palo Alto GlobalProtect firewall devices are likely vulnerable to the CVE-2024-3400 flaw, a critical command injection vulnerability that has been actively exploited in attacks since at least March 26, 2024.
6 months ago
Xiid SealedTunnel: Unfazed by Yet Another Critical Firewall Vulnerability (CVE-2024-3400) - Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing Courses
Zero Knowledge Networking vendor shrugs off firewall flaw In the wake of the recent disclosure of a critical vulnerability (CVE-2024-3400) affecting a leading firewall solution, Xiid Corporation reminds...
6 months ago
Exploits for Palo Alto Networks zero-day published, patch up
Various infosec researchers have released proof-of-concept (PoC) exploits for the maximum-severity vulnerability in Palo Alto Networks' PAN-OS used in GlobalProtect gateways. The PoCs started rolling out just...
6 months ago
Exploits for Palo Alto Networks zero-day published, patch up
Various infosec researchers have released proof-of-concept (PoC) exploits for the maximum-severity vulnerability in Palo Alto Networks' PAN-OS used in GlobalProtect gateways. The PoCs started rolling out just...
6 months ago
Palo Alto Networks warns of zero-day in VPN product
The company released an advisory about a vulnerability in the popular GlobalProtect VPN product that was unknown to security researchers until this week.
6 months ago
Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation - Help Net Security
Palo Alto Network firewalls can't be protected from attacks leveraging CVE-2024-3400 by disabling the devices' telemetry.
6 months ago
Researchers released exploit code for actively exploited Palo Alto PAN-OS bug
Researchers released an exploit code for the actively exploited vulnerability CVE-2024-3400 in Palo Alto Networks' PAN-OS.
6 months ago
Exploitation of Palo Alto Firewall Vulnerability Picking Up After PoC Release
Palo Alto Networks firewall vulnerability CVE-2024-3400 increasingly exploited after PoC code has been released.
6 months ago
Exploit released for Palo Alto PAN-OS bug used in attacks, patch now
Exploit code is now available for a maximum severity and actively exploited vulnerability in Palo Alto Networks' PAN-OS firewall software.
6 months ago
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Listen to SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) podcast online for free. Discover podcasts, music and radio stations online now.
6 months ago
Palo Alto Network Issues Hot Fixes for Zero-Day Bug in Its Firewall OS
A likely sophisticated threat actor is leveraging the bug to deploy a Python backdoor for stealing data and executing other malicious actions.
6 months ago
Palo Alto, Zero-Day Zafiyeti İçin Güncelleme Yayınladı - ÇözümPark
Palo Alto Networks, 26 Mart’tan beri aktif olarak sömürülen zero-day zafiyetini kapatmaya başladı. CVE-2024-3400 olarak izlenen zafiyet, GlobalProtect (ağ geçidi veya portal) ve PAN-OS 10.2, PAN-OS 11.0 ve PAN-OS 11.1 sürümlerini etkiliyordu. Zafiyetin istismar edilmesi, saldırganlara firewall üzeri...
6 months ago
Palo Alto Networks fixes zero-day exploited to backdoor firewalls
Palo Alto Networks has started releasing hotfixes for a zero-day vulnerability that has been actively exploited since March 26th to backdoor PAN-OS firewalls.
6 months ago
Palo Alto Networks Releases Urgent Fixes for Exploited PAN-OS Vulnerability
Palo Alto Networks has issued critical hotfixes for a severe security vulnerability in PAN-OS, which is being actively exploited.
6 months ago
Palo Alto Networks zero-day exploited since March to backdoor firewalls
Suspected state-sponsored hackers have been exploiting a zero-day vulnerability in Palo Alto Networks firewalls tracked as CVE-2024-3400 since March 26, using the compromised devices to breach internal networks, steal data and credentials.
6 months ago
Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack
Hackers have been exploiting a severe flaw (CVE-2024-3400) in Palo Alto Networks' software that began nearly three weeks before discovery.
6 months ago
CVE-2024-3400 exploited: Unit 42, Volexity share more details about the attacks - Help Net Security
Palo Alto Networks' Unit 42 and Volexity have revealed details about the attacks involving CVE-2024-3400 being exploited.
6 months ago
Palo Alto Networks PAN-OS Zero-day Under Active Attack
In a recent security alert, Palo Alto Networks has disclosed a critical vulnerability within its PAN-OS operating system, identified as CVE-2024-3400.
6 months ago
What You Need to Know About the Critical PAN-OS Zero-Day | CrowdStrike
We are monitoring CVE-2024-3400, a critical command injection vulnerability in Palo Alto Networks’ PAN-OS software. Learn how Falcon® platform users can assess risk exposure.
6 months ago
Palo Alto Networks to fix exploited GlobalProtect zero-day
Palo Alto Networks on Friday issued a critical alert for an under-attack vulnerability in the PAN-OS software used in its firewall-slash-VPN products. The command-injection flaw, with an unwelcome top CVSS...
6 months ago
“Highly capable” hackers root corporate networks by exploiting firewall 0-day
No patch yet for unauthenticated code-execution bug in Palo Alto Networks firewall.
6 months ago
Palo Alto Networks: CVSS 10 bug in Pan-OS is being exploited in the wild
Patch? You'll need to wait until Sunday. Turn off telemetry (no, really) and go to the pub.
6 months ago
Palo Alto Networks warns of PAN-OS firewall zero-day used in attacks
Today, Palo Alto Networks warns that an unpatched critical command injection vulnerability in its PAN-OS firewall is being actively exploited in attacks.
6 months ago
Palo Alto Networks discloses RCE zero-day vulnerability | TechTarget
In an advisory on April 12, Palo Alto Networks said a zero-day vulnerability in the company's PAN-OS software for firewalls is under attack.
6 months ago
Week in review: Palo Alto Networks firewalls under attack, Microsoft patches two exploited zero-days - Help Net Security
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Palo Alto Networks firewalls under attack, hotfixes
6 months ago