Palo Alto Networks warns hackers are breaking into its customers’ firewalls — again



Malicious hackers have compromised potentially thousands of organizations by exploiting two new zero-day vulnerabilities found in widely used software made by cybersecurity giant Palo Alto Networks.

Security researchers at Palo Alto Networks said Wednesday that they have observed a “limited set of exploitation activity” related to the two vulnerabilities in PAN-OS, the operating system that runs on all of Palo Alto’s next-generation firewalls. The bugs are considered zero-days because the company had no time to release patches before the bugs were exploited.

The company said it has observed exploitation of both bugs. The first, CVE-2024-0012, allows an attacker with network access to the management web interface to gain administrator privileges; the second, tracked as CVE-2024-9474, allows an attacker to perform actions on the compromised firewall with higher root privileges.

When these vulnerabilities are used together, an attacker can remotely plant malicious code on affected firewalls with the highest possible privileges, allowing for deeper access to a company’s network.

Palo Alto Networks says attackers are now using their own functional exploit chaining the two flaws together to target a “limited number of device management web interfaces” exposed to the internet.

According to the Shadowserver Foundation, a nonprofit organization that scans and monitors the internet for vulnerability exploitation, hackers have already compromised more than 2,000 affected Palo Alto Networks firewalls by leveraging the two recently patched flaws. The nonprofit found that the highest number of compromised devices was located in the United States, followed by India, with hackers also exploiting firewalls across the United Kingdom, Australia, and China.

Palo Alto Networks declined to confirm how many firewalls had been compromised when asked by TechCrunch.

U.S. cybersecurity company Arctic Wolf said this week that its researchers also observed hackers exploiting the two Palo Alto firewall vulnerabilities as early as November 19 to break into customer networks, following the release of a proof-of-concept exploit.

“Upon successful exploitation, we have observed threat actors attempting to transfer tools into the environment and exfiltrate config files from the compromised devices,” said Andres Ramos, a threat intelligence researcher at Arctic Wolf, in the company’s blog post.

Palo Alto Networks released patches for the two vulnerabilities and urged organizations to patch as soon as possible. U.S. cybersecurity agency CISA has also added the two vulnerabilities to its Known Exploited Vulnerabilities catalog, which effectively orders civilian federal agencies to patch their systems within a three-week window.

According to researchers at security firm watchTowr Labs, who reverse-engineered Palo Alto’s patches, the flaws resulted from basic mistakes in the development process. 

This is the latest vulnerability in recent months found in corporate security devices, such as firewalls, VPN products and remote access tools, which sit on the edge of a company’s network to function as digital gatekeepers. This is Palo Alto Networks’ second major security alert of the year, alongside flaws found in similar products developed by cybersecurity vendors Ivanti and Check Point.



