Cybersecurity

Palo Alto Networks Outlines Remediation for Critical PAN-OS Flaw Under Attack

Apr 26, 2024NewsroomNetwork Security / Zero Day Palo Alto Networks has shared remediation guidance for a recently disclosed critical security flaw impacting PAN-OS that has come under active exploitation. The vulnerability, tracked as CVE-2024-3400 (CVSS score: 10.0), could be weaponized to obtain unauthenticated remote shell command execution on susceptible devices. It has been addressed in […]

Cybersecurity

Evil XDR: Researcher Turns Palo Alto Software Into Perfect Malware

A creative exploit of Palo Alto Networks’ extended detection and response (XDR) software could have allowed attackers to puppet it like a malicious multitool. In a briefing at Black Hat Asia this week, Shmuel Cohen, security researcher at SafeBreach, described how he not only reverse-engineered and cracked into the company’s signature Cortex product but also […]

Cybersecurity

Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack

Apr 20, 2024NewsroomVulnerability / Network Security Palo Alto Networks has shared more details of a critical security flaw impacting PAN-OS that has come under active exploitation in the wild by malicious actors. The company described the vulnerability, tracked as CVE-2024-3400 (CVSS score: 10.0), as “intricate” and a combination of two bugs in versions PAN-OS 10.2, […]

Cybersecurity

OfflRouter Malware Evades Detection in Ukraine for Almost a Decade

Apr 18, 2024NewsroomIncident Response / Cyber Espionage Select Ukrainian government networks have remained infected with a malware called OfflRouter since 2015. Cisco Talos said its findings are based on an analysis of over 100 confidential documents that were infected with the VBA macro virus and uploaded to the VirusTotal malware scanning platform. “The documents contained […]

Cybersecurity

Palo Alto Networks Releases Urgent Fixes for Exploited PAN-OS Vulnerability

Apr 15, 2024NewsroomFirewall Security / Vulnerability Palo Alto Networks has released hotfixes to address a maximum-severity security flaw impacting PAN-OS software that has come under active exploitation in the wild. Tracked as CVE-2024-3400 (CVSS score: 10.0), the critical vulnerability is a case of command injection in the GlobalProtect feature that an unauthenticated attacker could weaponize […]

Cybersecurity

Palo Alto Networks fixed multiple DoS bugs in its firewalls

Palo Alto Networks fixed multiple DoS bugs in its firewalls Pierluigi Paganini April 11, 2024 Palo Alto Networks fixed several vulnerabilities in its PAN-OS operating system, including 3 issues that can trigger a DoS condition on its firewalls. Palo Alto Networks released security updates to address several high-severity vulnerabilities in its PAN-OS operating system. The […]

Cybersecurity

Zero-Day Alert: Critical Palo Alto Networks PAN-OS Flaw Under Active Attack

Apr 12, 2024NewsroomNetwork Security / Zero-Day Palo Alto Networks is warning that a critical flaw impacting its PAN-OS software used in its GlobalProtect gateways is being exploited in the wild. Tracked as CVE-2024-3400, the issue has a CVSS score of 10.0, indicating maximum severity. “A command injection vulnerability in the GlobalProtect feature of Palo Alto […]

Cybersecurity

Nozomi Networks raises $100 million to help secure critical infrastructure – Help Net Security

Nozomi Networks announced a $100 million Series E funding round to help accelerate innovative cyber defenses and expand cost-efficient go-to-market expansion globally. This latest round includes investments from Mitsubishi Electric and Schneider Electric. They join a growing list of OT original equipment manufacturers (OEMs) who have invested in Nozomi Networks, including previous investors Honeywell and […]