Thousands of Palo Alto Firewalls Potentially Impacted by Exploited Vulnerability 

Shadowserver has identified roughly 6,000 internet-accessible Palo Alto Networks firewalls potentially vulnerable to CVE-2024-3400.
The post Thousands of Palo Alto Firewalls Potentially Impacted by Exploited Vulnerability  appeared first on SecurityWee… Continue reading Thousands of Palo Alto Firewalls Potentially Impacted by Exploited Vulnerability 

Exploitation of Palo Alto Firewall Vulnerability Picking Up After PoC Release

Palo Alto Networks firewall vulnerability CVE-2024-3400 increasingly exploited after PoC code has been released. 
The post Exploitation of Palo Alto Firewall Vulnerability Picking Up After PoC Release appeared first on SecurityWeek.
Continue reading Exploitation of Palo Alto Firewall Vulnerability Picking Up After PoC Release

Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation

While it initially seemed that protecting Palo Alto Network firewalls from attacks leveraging CVE-2024-3400 would be possible by disabling the devices’ telemetry, it has now been confirmed that this mitigation is ineffectual. “Device teleme… Continue reading Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation

Palo Alto Networks Releases Fixes for Firewall Zero-Day as First Attribution Attempts Emerge

Palo Alto Networks has started releasing hotfixes for the firewall zero-day CVE-2024-3400, which some have linked to North Korea’s Lazarus. 
The post Palo Alto Networks Releases Fixes for Firewall Zero-Day as First Attribution Attempts Emerge appeared … Continue reading Palo Alto Networks Releases Fixes for Firewall Zero-Day as First Attribution Attempts Emerge

State-Sponsored Hackers Exploit Zero-Day to Backdoor Palo Alto Networks Firewalls

A state-sponsored threat actor has been exploiting a zero-day in Palo Alto Networks firewalls for the past two weeks.
The post State-Sponsored Hackers Exploit Zero-Day to Backdoor Palo Alto Networks Firewalls appeared first on SecurityWeek.
Continue reading State-Sponsored Hackers Exploit Zero-Day to Backdoor Palo Alto Networks Firewalls

CVE-2024-3400 exploited: Unit 42, Volexity share more details about the attacks

Earlier today, Palo Alto Networks revealed that a critical command injection vulnerability (CVE-2024-3400) in the company’s firewalls has been exploited in limited attacks and has urged customers with vulnerable devices to quickly implement mitig… Continue reading CVE-2024-3400 exploited: Unit 42, Volexity share more details about the attacks

Palo Alto Networks firewalls under attack, hotfixes incoming! (CVE-2024-3400)

Attackers are exploiting a command injection vulnerability (CVE-2024-3400) affecting Palo Alto Networks’ firewalls, the company has warned, and urged customers to implement temporary mitigations and get in touch to check whether their devices have been… Continue reading Palo Alto Networks firewalls under attack, hotfixes incoming! (CVE-2024-3400)

Palo Alto Networks enhances Cortex XSIAM to help SecOps teams identify cloud threats

Palo Alto Networks announced a new milestone in how security operations centers (SOC) secure the cloud. The new innovations as part of Cortex XSIAM for Cloud bolster the Palo Alto Networks Cortex XSIAM platform to natively deliver Cloud Detection and R… Continue reading Palo Alto Networks enhances Cortex XSIAM to help SecOps teams identify cloud threats