Palo Alto Networks has released urgent fixes for a maximum severity zero-day vulnerability in their PAN-OS firewall software, identified as CVE-2024-3400. This severe flaw allows unauthenticated attackers to execute malicious code with root privileges and risks remote code execution (RCE). The vulnerability, affecting the GlobalProtect feature, has been exploited in targeted attacks by highly capable threat actors, prompting the release of critical hotfixes. The Cybersecurity and Infrastructure Security Agency (CISA) has added this command injection flaw to its Known Exploited Vulnerabilities catalog. Researchers have also released exploit code for this actively exploited bug.
.@TalosSecurity issued a threat advisory saying it has seen a global increase in brute-force attacks against a variety of targets, including VPN services, web application authentication interfaces, and SSH services. #cybersecurity #infosec #ITsecurity https://t.co/8Q5DvIx7UK
Palo Alto Networks’ firewall bug under attack brings fresh havoc to thousands of companies: https://t.co/oVXhTnG3hG by TechCrunch #infosec #cybersecurity #technology #news
Palo Alto Networks’ firewall bug under attack brings fresh havoc to thousands of companies https://t.co/yBZEScy3TG
. @TalosSecurity’s research team says it’s monitoring a “global increase in brute-force attacks” against targets including VPN services, while an exploit has been released for a critical vulnerability in Palo Alto Networks’ PAN-OS firewall software. https://t.co/3hbrm2vely
Exploit code for Palo Alto Networks zero-day now public https://t.co/HD4VqOCUjQ
Cisco Warns of Global Surge in Brute-Force Attacks Targeting VPN and SSH Services https://t.co/wgIsN7O4Pv
Cisco Warns of Global Surge in Brute-Force Attacks Targeting VPN and SSH Services: https://t.co/XQZH6DM2hf by The Hacker News #infosec #cybersecurity #technology #news
⚠️ Researchers warn of a global increase in TOR-based brute-force attacks targeting VPNs, web applications, and SSH services. Details: https://t.co/2X0EwMYT46 #cybersecurity #hacking
Researchers released exploit code for actively exploited Palo Alto PAN-OS bug: https://t.co/aDjYzwq4GJ by Security Affairs #infosec #cybersecurity #technology #news
Cisco warns of large-scale brute-force attacks against VPN services https://t.co/n3tepzCTVU
Palo Alto GlobalProtect CVE-2024-3400 detailed analysis now public & we started to see attack attempts as of ~14 UTC today (connectivity callback tests). See: https://t.co/MFt08N0Kp1 for patch info/mitigation We plan to start reporting out potentially vulnerable instances soon
Palo Alto Network Issues Hotfixes for Zero-Day Bug in Its Firewall OS: https://t.co/bMII4xFQ25 by darkreading #infosec #cybersecurity #technology #news
Palo Alto Networks Releases Fixes For Firewall Zero-Day As Attribution Attempts Emerge https://t.co/euGA5vGq0Q
CISA adds Palo Alto Networks PAN-OS Command Injection flaw to its Known Exploited Vulnerabilities catalog: https://t.co/N2j2AqfniI by Security Affairs #infosec #cybersecurity #technology #news
Palo Alto Networks Zero-Day Flaw Exploited in Targeted Attacks https://t.co/XwQJ8Cs1tG
Palo Alto Networks Releases Urgent Fixes for Exploited PAN-OS Vulnerability https://t.co/pvxIwu7YsZ
Palo Alto Networks Releases Urgent Fixes for Exploited PAN-OS Vulnerability: https://t.co/5bfagkchvU by The Hacker News #infosec #cybersecurity #technology #news
Palo Alto Networks released critical hotfixes to patch a severe #vulnerability (CVE-2024-3400) in their PAN-OS firewall software. The vulnerability allows unauthenticated attackers to run malicious code with root privileges. https://t.co/8XMtnzwaJp #cybersecurity #hacking
.@PaloAltoNtwks disclosed a maximum severity zero-day vulnerability in the Palo Alto Networks PAN-OS GlobalProtect feature that risks remote code execution (RCE) and is under exploitation by “a highly capable threat actor.” #cybersecurity #infosec https://t.co/8nGUHg2Dnm