Palo Alto Networks Cortex Cloud applies AI-driven insights to reduce risk and prevent threats 2025-02-13 at 16:33 By Industry News Palo Alto Networks introduced Cortex Cloud, the next version of Prisma Cloud, that natively brings together new releases of its cloud detection and response (CDR) and cloud native application protection platform (CNAPP) capabilities on the […]
React to this headline:
Palo Alto Networks Patches Potentially Serious Firewall Vulnerability 2025-02-13 at 14:05 By Eduard Kovacs Palo Alto Networks has published 10 new security advisories, including one for a high-severity firewall authentication bypass vulnerability. The post Palo Alto Networks Patches Potentially Serious Firewall Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original
React to this headline:
Palo Alto Networks Patches Potentially Serious Firewall Vulnerability Read More »
PAN-OS authentication bypass hole plugged, PoC is public (CVE-2025-0108) 2025-02-13 at 13:17 By Zeljka Zorz Palo Alto Networks has fixed a high-severity authentication bypass vulnerability (CVE-2025-0108) in the management web interface of its next-gen firewalls, a proof-of-concept exploit (PoC) for which has been made public. “Palo Alto Networks is not aware of any malicious exploitation
React to this headline:
PAN-OS authentication bypass hole plugged, PoC is public (CVE-2025-0108) Read More »
Platformization is key to reduce cybersecurity complexity 2025-01-31 at 07:03 By Help Net Security Organizations are facing security complexity challenges as they juggle an average of 83 different security solutions from 29 vendors, according to a report by IBM and Palo Alto Networks. It also shows 7 out of 10 surveyed companies with a high
React to this headline:
Platformization is key to reduce cybersecurity complexity Read More »
Researchers reveal exploitable flaws in corporate VPN clients 2024-11-26 at 17:33 By Zeljka Zorz Researchers have discovered vulnerabilities in the update process of Palo Alto Networks (CVE-2024-5921) and SonicWall (CVE-2024-29014) corporate VPN clients that could be exploited to remotely execute code on users’ devices. CVE-2024-5921 CVE-2024-5921 affects various versions of Palo Alto’s GlobalProtect App on
React to this headline:
Researchers reveal exploitable flaws in corporate VPN clients Read More »
Active network of North Korean IT front companies exposed 2024-11-21 at 16:18 By Zeljka Zorz An analysis of the websites belonging to companies that served as a front for getting North Korean IT workers remote jobs with businesses worldwide has revealed an active network of such companies originating in China. Unearthing North Korean IT front
React to this headline:
Active network of North Korean IT front companies exposed Read More »
2,000 Palo Alto Networks devices compromised in latest attacks 2024-11-21 at 13:27 By Zeljka Zorz Attackers have compromised around 2,000 Palo Alto Networks firewalls by leveraging the two recently patched zero-days (CVE-2024-0012 and CVE-2024-9474), Shadowserver Foundation’s internet-wide scanning has revealed. Compromised devices are predominantly located in the US and India, the nonprofit says. Manual and
React to this headline:
2,000 Palo Alto Networks devices compromised in latest attacks Read More »
Attackers are exploiting 2 zero-days in Palo Alto Networks firewalls (CVE-2024-0012, CVE-2024-9474) 2024-11-18 at 17:33 By Zeljka Zorz Palo Alto Networks has released fixes for two vulnerabilities (CVE-2024-0012 and CVE-2024-9474) in its next-generation firewalls that have been exploited by attackers as zero-days. About the vulnerabilities (CVE-2024-0012, CVE-2024-9474) CVE-2024-0012 stems from missing authentication for a critical
React to this headline:
Palo Alto Networks firewalls, Expedition under attack (CVE-2024-9463, CVE-2024-9465) 2024-11-15 at 13:16 By Zeljka Zorz Attackers have been spotted exploiting two additional vulnerabilities (CVE-2024-9463, CVE-2024-9465) in Palo Alto Networks’ Expedition firewall configuration migration tool, CISA has confirmed on Thursday. About the vulnerabilities (CVE-2024-9463, CVE-2024-9465) CVE-2024-9463 allows unauthenticated attackers to run arbitrary OS commands as root
React to this headline:
Palo Alto Networks firewalls, Expedition under attack (CVE-2024-9463, CVE-2024-9465) Read More »
Critical Palo Alto Networks Expedition bug exploited (CVE-2024-5910) 2024-11-08 at 13:36 By Zeljka Zorz A vulnerability (CVE-2024-5910) in Palo Alto Networks Expedition, a firewall configuration migration tool, is being exploited by attackers in the wild, the Cybersecurity and Infrastructure Security Agency (CISA) confirmed on Thursday. About CVE-2024-5910 Unearthed and reported by Brian Hysell of Synopsys
React to this headline:
Critical Palo Alto Networks Expedition bug exploited (CVE-2024-5910) Read More »
North Korean hackers pave the way for Play ransomware 2024-10-31 at 12:49 By Zeljka Zorz North Korean state-sponsored hackers – Jumpy Pisces, aka Andariel, aka Onyx Sleet – have been spotted burrowing into enterprise systems, then seemingly handing matters over to the Play ransomware group. Timeline of the attack (Source: Palo Alto Networks) The attack
React to this headline:
North Korean hackers pave the way for Play ransomware Read More »
Palo Alto Networks extends security into harsh industrial environments 2024-10-22 at 13:01 By Industry News The convergence of IT and operational technology (OT) and the digital transformation of OT have created new opportunities for innovation and efficiency in critical Industrial Automation and Control Systems. However, these advancements also broaden the potential attack surface, making it
React to this headline:
Palo Alto Networks extends security into harsh industrial environments Read More »
Windows users targeted with fake human verification pages delivering malware 2024-09-19 at 17:01 By Zeljka Zorz For a while now, security researchers have been warning about fake human verification pages tricking Windows users into inadvertently installing malware. A recently exposed campaign showed how some users end up on these pages. Beware of fake human verification
React to this headline:
Windows users targeted with fake human verification pages delivering malware Read More »
Palo Alto Networks Patches Dozens of Vulnerabilities 2024-09-12 at 16:46 By Eduard Kovacs Palo Alto Networks has fixed medium- and high-severity vulnerabilities in PAN-OS, Cortex XDR, ActiveMQ Content Pack, and Prisma Access Browser. The post Palo Alto Networks Patches Dozens of Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed
React to this headline:
Palo Alto Networks Patches Dozens of Vulnerabilities Read More »
CERT-In Advisory and WikiLoader Campaign: Comprehensive Overview of Recent Security Threats 2024-09-03 at 18:46 By dakshsharma16 CERT-In’s advisory on Palo Alto Networks vulnerabilities and WikiLoader’s fake GlobalProtect installers highlight major security risks. Key Takeaways Overview CERT-In’s recent advisory and the emergence of WikiLoader malware highlight pressing security concerns involving Palo Alto Networks applications and new
React to this headline:
Cloud Misconfigurations Expose 110,000 Domains to Extortion in Widespread Campaign 2024-08-16 at 17:46 By Ionut Arghire Security researchers at Palo Alto Networks discover a threat actor extorting organizations after compromising their cloud environments using inadvertently exposed environment variables. The post Cloud Misconfigurations Expose 110,000 Domains to Extortion in Widespread Campaign appeared first on SecurityWeek. This
React to this headline:
Cloud Misconfigurations Expose 110,000 Domains to Extortion in Widespread Campaign Read More »
Hide yo environment files! Or risk getting your cloud-stored data stolen and held for ransom 2024-08-15 at 17:16 By Zeljka Zorz Cybercriminals are breaking into organizations’ cloud storage containers, exfiltrating their sensitive data and, in several cases, have been paid off by the victim organizations to not leak or sell the stolen data. “The attackers
React to this headline:
Palo Alto Networks Patches Unauthenticated Command Execution Flaw in Cortex XSOAR 2024-08-15 at 15:04 By Eduard Kovacs Palo Alto Networks has patched multiple vulnerabilities, including ones rated high severity, in several products. The post Palo Alto Networks Patches Unauthenticated Command Execution Flaw in Cortex XSOAR appeared first on SecurityWeek. This article is an excerpt from
React to this headline:
Palo Alto Networks Patches Unauthenticated Command Execution Flaw in Cortex XSOAR Read More »
NIS2: A catalyst for cybersecurity innovation or just another box-ticking exercise? 2024-08-09 at 08:02 By Help Net Security The Network and Information Security (NIS) 2 Directive is possibly one of the most significant pieces of cybersecurity regulation to ever hit Europe. The 27 EU Member States have until 17 October 2024 to adopt and publish
React to this headline:
NIS2: A catalyst for cybersecurity innovation or just another box-ticking exercise? Read More »
Prosimo and Palo Alto Networks join forces to improve cloud infrastructure security 2024-06-13 at 11:31 By Industry News Prosimo announced an integration with Palo Alto Networks for a powerful new approach to security that protects applications and workloads in multi cloud environments. With Prosimo’s Full Stack Cloud Transit platform, customers can seamlessly integrate with Palo
React to this headline:
Prosimo and Palo Alto Networks join forces to improve cloud infrastructure security Read More »