Collaborate Disseminate
Palo Alto Networks has shared remediation instructions for organizations whose firewalls have been hacked via CVE-2024-3400.
The post Palo Alto Networks Shares Remediation Advice for Hacked Firewalls appeared first on SecurityWeek.
Continue reading Palo Alto Networks Shares Remediation Advice for Hacked Firewalls
CISA warns organizations of a two-year-old Windows Print Spooler vulnerability being exploited in the wild.
The post CISA Warns of Windows Print Spooler Flaw After Microsoft Sees Russian Exploitation appeared first on SecurityWeek.
Continue reading CISA Warns of Windows Print Spooler Flaw After Microsoft Sees Russian Exploitation
CrushFTP patches a zero-day vulnerability allowing unauthenticated attackers to escape the VFS and retrieve system files.
The post CrushFTP Patches Exploited Zero-Day Vulnerability appeared first on SecurityWeek.
Continue reading CrushFTP Patches Exploited Zero-Day Vulnerability
Shadowserver has identified roughly 6,000 internet-accessible Palo Alto Networks firewalls potentially vulnerable to CVE-2024-3400.
The post Thousands of Palo Alto Firewalls Potentially Impacted by Exploited Vulnerability appeared first on SecurityWee… Continue reading Thousands of Palo Alto Firewalls Potentially Impacted by Exploited Vulnerability
Microsoft warns that several OpenMetadata vulnerabilities are being exploited to deploy cryptomining malware to Kubernetes environments.
The post OpenMetadata Vulnerabilities Exploited to Abuse Kubernetes Clusters for Cryptomining appeared first on S… Continue reading OpenMetadata Vulnerabilities Exploited to Abuse Kubernetes Clusters for Cryptomining
Palo Alto Networks firewall vulnerability CVE-2024-3400 increasingly exploited after PoC code has been released.
The post Exploitation of Palo Alto Firewall Vulnerability Picking Up After PoC Release appeared first on SecurityWeek.
Continue reading Exploitation of Palo Alto Firewall Vulnerability Picking Up After PoC Release
Palo Alto Networks has started releasing hotfixes for the firewall zero-day CVE-2024-3400, which some have linked to North Korea’s Lazarus.
The post Palo Alto Networks Releases Fixes for Firewall Zero-Day as First Attribution Attempts Emerge appeared … Continue reading Palo Alto Networks Releases Fixes for Firewall Zero-Day as First Attribution Attempts Emerge
A state-sponsored threat actor has been exploiting a zero-day in Palo Alto Networks firewalls for the past two weeks.
The post State-Sponsored Hackers Exploit Zero-Day to Backdoor Palo Alto Networks Firewalls appeared first on SecurityWeek.
Continue reading State-Sponsored Hackers Exploit Zero-Day to Backdoor Palo Alto Networks Firewalls
Second identifier, CVE-2024-3272, assigned to unpatched D-Link NAS device vulnerabilities, just as exploitation attempts soar.
The post Exploitation of Unpatched D-Link NAS Device Vulnerabilities Soars appeared first on SecurityWeek.
Continue reading Exploitation of Unpatched D-Link NAS Device Vulnerabilities Soars
Palo Alto Networks warns of limited exploitation of a critical command injection vulnerability leading to code execution on firewalls.
The post Palo Alto Networks Warns of Exploited Firewall Vulnerability appeared first on SecurityWeek.
Continue reading Palo Alto Networks Warns of Exploited Firewall Vulnerability