Palo Alto Networks

Palo Alto Networks firewalls, Expedition under attack (CVE-2024-9463, CVE-2024-9465)

Palo Alto Networks firewalls, Expedition under attack (CVE-2024-9463, CVE-2024-9465) 2024-11-15 at 13:16 By Zeljka Zorz Attackers have been spotted exploiting two additional vulnerabilities (CVE-2024-9463, CVE-2024-9465) in Palo Alto Networks’ Expedition firewall configuration migration tool, CISA has confirmed on Thursday. About the vulnerabilities (CVE-2024-9463, CVE-2024-9465) CVE-2024-9463 allows unauthenticated attackers to run arbitrary OS commands as root […]

React to this headline:

Loading spinner

Palo Alto Networks firewalls, Expedition under attack (CVE-2024-9463, CVE-2024-9465) Read More »

Critical Palo Alto Networks Expedition bug exploited (CVE-2024-5910)

Critical Palo Alto Networks Expedition bug exploited (CVE-2024-5910) 2024-11-08 at 13:36 By Zeljka Zorz A vulnerability (CVE-2024-5910) in Palo Alto Networks Expedition, a firewall configuration migration tool, is being exploited by attackers in the wild, the Cybersecurity and Infrastructure Security Agency (CISA) confirmed on Thursday. About CVE-2024-5910 Unearthed and reported by Brian Hysell of Synopsys

React to this headline:

Loading spinner

Critical Palo Alto Networks Expedition bug exploited (CVE-2024-5910) Read More »

North Korean hackers pave the way for Play ransomware

North Korean hackers pave the way for Play ransomware 2024-10-31 at 12:49 By Zeljka Zorz North Korean state-sponsored hackers – Jumpy Pisces, aka Andariel, aka Onyx Sleet – have been spotted burrowing into enterprise systems, then seemingly handing matters over to the Play ransomware group. Timeline of the attack (Source: Palo Alto Networks) The attack

React to this headline:

Loading spinner

North Korean hackers pave the way for Play ransomware Read More »

Palo Alto Networks extends security into harsh industrial environments

Palo Alto Networks extends security into harsh industrial environments 2024-10-22 at 13:01 By Industry News The convergence of IT and operational technology (OT) and the digital transformation of OT have created new opportunities for innovation and efficiency in critical Industrial Automation and Control Systems. However, these advancements also broaden the potential attack surface, making it

React to this headline:

Loading spinner

Palo Alto Networks extends security into harsh industrial environments Read More »

Windows users targeted with fake human verification pages delivering malware

Windows users targeted with fake human verification pages delivering malware 2024-09-19 at 17:01 By Zeljka Zorz For a while now, security researchers have been warning about fake human verification pages tricking Windows users into inadvertently installing malware. A recently exposed campaign showed how some users end up on these pages. Beware of fake human verification

React to this headline:

Loading spinner

Windows users targeted with fake human verification pages delivering malware Read More »

Palo Alto Networks Patches Dozens of Vulnerabilities 

Palo Alto Networks Patches Dozens of Vulnerabilities  2024-09-12 at 16:46 By Eduard Kovacs Palo Alto Networks has fixed medium- and high-severity vulnerabilities in PAN-OS, Cortex XDR, ActiveMQ Content Pack, and Prisma Access Browser. The post Palo Alto Networks Patches Dozens of Vulnerabilities  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Palo Alto Networks Patches Dozens of Vulnerabilities  Read More »

CERT-In Advisory and WikiLoader Campaign: Comprehensive Overview of Recent Security Threats

CERT-In Advisory and WikiLoader Campaign: Comprehensive Overview of Recent Security Threats 2024-09-03 at 18:46 By dakshsharma16 CERT-In’s advisory on Palo Alto Networks vulnerabilities and WikiLoader’s fake GlobalProtect installers highlight major security risks. Key Takeaways Overview CERT-In’s recent advisory and the emergence of WikiLoader malware highlight pressing security concerns involving Palo Alto Networks applications and new

React to this headline:

Loading spinner

CERT-In Advisory and WikiLoader Campaign: Comprehensive Overview of Recent Security Threats Read More »

Cloud Misconfigurations Expose 110,000 Domains to Extortion in Widespread Campaign

Cloud Misconfigurations Expose 110,000 Domains to Extortion in Widespread Campaign 2024-08-16 at 17:46 By Ionut Arghire Security researchers at Palo Alto Networks discover a threat actor extorting organizations after compromising their cloud environments using inadvertently exposed environment variables. The post Cloud Misconfigurations Expose 110,000 Domains to Extortion in Widespread Campaign appeared first on SecurityWeek. This

React to this headline:

Loading spinner

Cloud Misconfigurations Expose 110,000 Domains to Extortion in Widespread Campaign Read More »

Hide yo environment files! Or risk getting your cloud-stored data stolen and held for ransom

Hide yo environment files! Or risk getting your cloud-stored data stolen and held for ransom 2024-08-15 at 17:16 By Zeljka Zorz Cybercriminals are breaking into organizations’ cloud storage containers, exfiltrating their sensitive data and, in several cases, have been paid off by the victim organizations to not leak or sell the stolen data. “The attackers

React to this headline:

Loading spinner

Hide yo environment files! Or risk getting your cloud-stored data stolen and held for ransom Read More »

Palo Alto Networks Patches Unauthenticated Command Execution Flaw in Cortex XSOAR

Palo Alto Networks Patches Unauthenticated Command Execution Flaw in Cortex XSOAR 2024-08-15 at 15:04 By Eduard Kovacs Palo Alto Networks has patched multiple vulnerabilities, including ones rated high severity, in several products. The post Palo Alto Networks Patches Unauthenticated Command Execution Flaw in Cortex XSOAR appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Palo Alto Networks Patches Unauthenticated Command Execution Flaw in Cortex XSOAR Read More »

NIS2: A catalyst for cybersecurity innovation or just another box-ticking exercise?

NIS2: A catalyst for cybersecurity innovation or just another box-ticking exercise? 2024-08-09 at 08:02 By Help Net Security The Network and Information Security (NIS) 2 Directive is possibly one of the most significant pieces of cybersecurity regulation to ever hit Europe. The 27 EU Member States have until 17 October 2024 to adopt and publish

React to this headline:

Loading spinner

NIS2: A catalyst for cybersecurity innovation or just another box-ticking exercise? Read More »

Prosimo and Palo Alto Networks join forces to improve cloud infrastructure security

Prosimo and Palo Alto Networks join forces to improve cloud infrastructure security 2024-06-13 at 11:31 By Industry News Prosimo announced an integration with Palo Alto Networks for a powerful new approach to security that protects applications and workloads in multi cloud environments. With Prosimo’s Full Stack Cloud Transit platform, customers can seamlessly integrate with Palo

React to this headline:

Loading spinner

Prosimo and Palo Alto Networks join forces to improve cloud infrastructure security Read More »

Palo Alto Networks Teams Up With IBM, Acquires QRadar SaaS Assets 

Palo Alto Networks Teams Up With IBM, Acquires QRadar SaaS Assets  2024-05-16 at 14:16 By SecurityWeek News Palo Alto Networks and IBM have announced a significant partnership to jointly provide cybersecurity solutions. The post Palo Alto Networks Teams Up With IBM, Acquires QRadar SaaS Assets  appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Palo Alto Networks Teams Up With IBM, Acquires QRadar SaaS Assets  Read More »

Palo Alto Networks partners with IBM to deliver AI-powered security offerings

Palo Alto Networks partners with IBM to deliver AI-powered security offerings 2024-05-16 at 11:01 By Industry News Palo Alto Networks and IBM announced a broad-reaching partnership to deliver AI-powered security outcomes for customers. The announcement is a testament to Palo Alto Networks’ and IBM’s commitment to each other’s platforms and innovative capabilities. The expanding and

React to this headline:

Loading spinner

Palo Alto Networks partners with IBM to deliver AI-powered security offerings Read More »

Palo Alto Networks and Accenture help organizations accelerate AI adoption

Palo Alto Networks and Accenture help organizations accelerate AI adoption 2024-05-13 at 15:46 By Industry News Palo Alto Networks and Accenture announced an expansion of their long-standing strategic alliance. New offerings will combine Precision AI technology from Palo Alto Networks and Accenture’s secure generative AI services to help organizations embrace the potential of AI with

React to this headline:

Loading spinner

Palo Alto Networks and Accenture help organizations accelerate AI adoption Read More »

Palo Alto firewalls: CVE-2024-3400 exploitation and PoCs for persistence after resets/upgrades

Palo Alto firewalls: CVE-2024-3400 exploitation and PoCs for persistence after resets/upgrades 2024-04-30 at 15:47 By Zeljka Zorz There are proof-of-concept techniques allowing attackers to achieve persistence on Palo Alto Networks firewalls after CVE-2024-3400 has been exploited, the company has confirmed on Monday, but they are “not aware at this time of any malicious attempts to

React to this headline:

Loading spinner

Palo Alto firewalls: CVE-2024-3400 exploitation and PoCs for persistence after resets/upgrades Read More »

Palo Alto Networks Shares Remediation Advice for Hacked Firewalls

Palo Alto Networks Shares Remediation Advice for Hacked Firewalls 2024-04-25 at 17:16 By Eduard Kovacs Palo Alto Networks has shared remediation instructions for organizations whose firewalls have been hacked via CVE-2024-3400. The post Palo Alto Networks Shares Remediation Advice for Hacked Firewalls appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Palo Alto Networks Shares Remediation Advice for Hacked Firewalls Read More »

Siemens Industrial Product Impacted by Exploited Palo Alto Firewall Vulnerability

Siemens Industrial Product Impacted by Exploited Palo Alto Firewall Vulnerability 2024-04-23 at 14:02 By Eduard Kovacs Palo Alto Networks firewall vulnerability CVE-2024-3400, exploited as a zero-day, impacts a Siemens industrial product. The post Siemens Industrial Product Impacted by Exploited Palo Alto Firewall Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Siemens Industrial Product Impacted by Exploited Palo Alto Firewall Vulnerability Read More »

Thousands of Palo Alto Firewalls Potentially Impacted by Exploited Vulnerability 

Thousands of Palo Alto Firewalls Potentially Impacted by Exploited Vulnerability  2024-04-22 at 15:16 By Ionut Arghire Shadowserver has identified roughly 6,000 internet-accessible Palo Alto Networks firewalls potentially vulnerable to CVE-2024-3400. The post Thousands of Palo Alto Firewalls Potentially Impacted by Exploited Vulnerability  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Thousands of Palo Alto Firewalls Potentially Impacted by Exploited Vulnerability  Read More »

Exploitation of Palo Alto Firewall Vulnerability Picking Up After PoC Release

Exploitation of Palo Alto Firewall Vulnerability Picking Up After PoC Release 2024-04-17 at 14:31 By Eduard Kovacs Palo Alto Networks firewall vulnerability CVE-2024-3400 increasingly exploited after PoC code has been released.  The post Exploitation of Palo Alto Firewall Vulnerability Picking Up After PoC Release appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Exploitation of Palo Alto Firewall Vulnerability Picking Up After PoC Release Read More »

Scroll to Top