Significant Compromise of Palo Alto Networks Firewalls Due to Zero-Day Vulnerabilities The Shadowserver Foundation has disclosed that approximately 2,000 Palo Alto Networks firewalls have fallen victim to exploitation via two zero-day vulnerabilities in the company’s PAN-OS software. These vulnerabilities, identified as CVE-2024-0012 and CVE-2024-9474, have enabled unauthorized access to administrative…
Webinar Highlights Security Challenges in Browser-Based Work Environments In a recent webinar hosted by Palo Alto Networks, industry experts addressed the growing security concerns associated with browser-based work environments. As organizations increasingly rely on web browsers for access to corporate data and applications, the vulnerabilities inherent in this shift have…
AI-Driven Cloud Security Services, The Future of AI & Cybersecurity Presented by Palo Alto Networks x Google Cloud 60 minutes In the rapidly evolving landscape of artificial intelligence, organizations face an increasingly sophisticated array of cyber threats. As businesses integrate AI technologies, they must navigate new vulnerabilities and guard against…
Palo Alto Networks has released essential remediation guidance in response to a critical security vulnerability affecting its PAN-OS software, which is currently under active exploitation. This vulnerability, identified as CVE-2024-3400 and rated with a maximum CVSS score of 10.0, poses a significant risk by allowing unauthenticated remote command execution on…
The cyber threat actor known as Muddled Libra has been identified as actively targeting software-as-a-service (SaaS) applications and cloud service providers (CSPs) with the intent to exfiltrate confidential information. This malicious activity underscores an increasing trend where organizations store diverse sets of data within SaaS platforms and leverage CSP services,…
Recent developments in AI security highlight the escalating complexity of the AI supply chain, a critical aspect often overlooked in cybersecurity discussions. This emerging area involves numerous interconnected components, including data sources, machine learning models, application programming interfaces (APIs), and the underlying infrastructure, all situated within increasingly dynamic cloud environments.…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently added a significant security vulnerability affecting Apache Flink to its Known Exploited Vulnerabilities (KEV) catalog. This announcement, made on Thursday, highlights the potential risks associated with an open-source framework widely used for unified stream processing and batch processing, amid reports…
North Korean State-Sponsored Group Partners with Ransomware Actors in Recent Cyberattack A recent report from Palo Alto Networks’ Unit 42 highlights alarming developments in the cybersecurity landscape, revealing a collaboration between the North Korean state-sponsored threat group known as Jumpy Pisces and the financially motivated Play ransomware group. This incident…
RedTail Malware Targets Palo Alto Networks Firewalls in Latest Cyber Attack Recently, cybersecurity analysts have identified an alarming development involving the RedTail cryptocurrency mining malware, which has integrated a newly disclosed vulnerability affecting Palo Alto Networks firewalls into its repertoire of exploits. This vulnerability, cataloged as CVE-2024-3400, has received a…
