2025-02-05 07:50:30 Pacfic
Palo Alto Firewall DoS Flaw Exploited - 8d
A high-severity denial-of-service (DoS) vulnerability (CVE-2024-3393, CVSS 8.7) has been discovered in Palo Alto Networks PAN-OS software and Prisma Access firewalls. Unauthenticated attackers can exploit this by sending malicious DNS packets through the firewall’s data plane, causing the firewall to reboot and potentially enter maintenance mode. Repeated attempts to trigger this condition will cause the firewall to enter maintenance mode, disrupting network operations. A patch is available, and it should be applied immediately. Palo Alto Networks is aware of customers experiencing this denial of service (DoS) when their firewall blocks malicious DNS packets that trigger this issue.
North Korean Hackers Use OtterCookie Malware - 8d
North Korean threat actors are actively using a new malware called ‘OtterCookie’ in their ‘Contagious Interview’ campaign. This campaign is targeting software developers with fake job offers. The malware acts as a backdoor, enabling unauthorized access to compromised systems. This is part of a broader trend of North Korean cyber activity aimed at financial gain and espionage. The activity indicates a sophisticated and persistent threat actor leveraging social engineering to infiltrate targeted systems.
Massive Attack Targets Palo Alto Networks Devices - 10d
Over 2,000 Palo Alto Networks devices were compromised in a large-scale attack exploiting vulnerabilities CVE-2024-0012 and CVE-2024-9474. Attackers bypassed authentication, escalated privileges, and deployed malware. The US and India were particularly impacted.
Palo Alto Networks Warns of Critical Remote Command Execution Vulnerability - 18d
Palo Alto Networks has issued a critical security warning regarding a vulnerability in the management interfaces of its firewall products. This vulnerability, categorized as a remote command execution (RCE) flaw, could allow unauthenticated attackers to remotely execute arbitrary commands on affected systems. While the number of observed exploitations is currently limited, it poses a serious threat to the security of Palo Alto firewalls. This vulnerability highlights the importance of keeping software up-to-date and implementing robust security measures to mitigate the risk of exploitation. Attackers could potentially leverage this vulnerability to gain unauthorized access to sensitive data, disrupt network operations, or launch further attacks. Organizations using Palo Alto firewalls are strongly advised to apply the necessary patches and security updates to mitigate this vulnerability and protect their systems.