Pernix Technology Group的动态

2,000 Palo Alto Networks devices compromised in latest attacks: Attackers have compromised around 2,000 Palo Alto Networks firewalls by leveraging the two recently patched zero-days (CVE-2024-0012 and CVE-2024-9474), Shadowserver Foundation’s internet-wide scanning has revealed. Compromised devices are predominantly located in the US and India, the nonprofit says. Manual and automated scanning activity has been spotted Approximately two weeks ago, Palo Alto Networks warned that attackers have been spotted leveraging a zero-day flaw to achieve remote code execution on vulnerable devices, and advised admins to … More → The post 2,000 Palo Alto Networks devices compromised in latest attacks appeared first on Help Net Security.

Foresiet reports a surge in exploit attempts targeting Check Point's VPN flaw CVE-2024-24919, highlighting the urgent need for immediate patching. Stay vigilant and implement robust security measures to protect against evolving threats. ? Read More at: https://lnkd.in/ggKCHQPP ? #foresiet?

???? Excited to share some jaw-dropping news for my fellow IT pros and cybersecurity enthusiasts! ???? ?? Just uncovered - 14 serious security flaws in DrayTek Vigor routers, including a whopping critical remote-code-execution bug with a perfect 10 out of 10 CVSS severity rating. Talk about a goldmine for spies and crooks looking to wreak havoc! ????? ?? What could this mean? Brace yourselves for potential chaos as cybercriminals exploit these vulnerabilities to seize control of equipment, swipe sensitive data, deploy ransomware, and unleash nasty denial-of-service attacks. Time to up your defense game, folks! ???? ?? As guardians of the digital realm, it's crucial for us to stay vigilant and proactive in the face of evolving threats like these. Here's where our expertise and swift action can make all the difference in safeguarding crucial data and thwarting malicious intents. ???? ?? Let's connect the dots - these vulnerabilities underscore the pressing need for robust cybersecurity measures, continuous monitoring, and timely patching to prevent potential breaches. Remember, the best defense is a proactive offense! ????? ?? Prediction time! With cyber threats escalating in sophistication and scale, we're in for a wild ride ahead. Keep those cybersecurity skills sharp, stay informed, and gear up for the battle to protect what matters most. ???? Join the conversation! What steps are you taking to fortify your cyber defenses in the wake of these vulnerabilities? Share your insights, tips, and strategies below! ????? #ainews #automatorsolutions #cybersecurity #ITpros #TechTrends #StaySecure #CyberDefense #ExpertInsights #CyberSecurityAINews ----- Original Publish Date: 2024-10-02 14:38

?? Fortinet Warns of Critical Vulnerability: Immediate Action Required ?? Fortinet has issued a warning about a critical vulnerability impacting its systems, which could allow attackers to gain unauthorized access and compromise sensitive data. Organizations using Fortinet products should prioritize applying patches and strengthening their security protocols to mitigate this high-risk threat. Ensure your defenses are up to date and take immediate action to protect your network.

Fortinet has patched a critical zero-day vulnerability, tracked as CVE-2024-55591, affecting FortiOS and FortiProxy. This flaw, which allows remote attackers to gain super-admin privileges, has been exploited in the wild since at least November 2024. The vulnerability impacts FortiOS versions 7.0.0 to 7.0.16 and FortiProxy versions 7.0.0 to 7.0.19, with patches available in the latest updates[1][2][3]. Fortinet's advisory includes indicators of compromise to assist in detecting attacks[4][5]. Sources [1] Fortinet Confirms New Zero-Day Exploitation https://lnkd.in/dzEeAbJT [2] Fortinet confirms zero-day flaw used in attacks against its firewalls https://lnkd.in/dUshzg3F [3] Fortinet Confirms Critical Zero-Day Vulnerability in Firewalls https://lnkd.in/dhEq3dHw [4] CVE-2024-55591: Fortinet Authentication Bypass Zero-Day ... https://lnkd.in/diXtD5jA [5] Fortinet Confirms Exploitation Of ‘Critical’ Vulnerability In FortiOS, FortiProxy https://lnkd.in/dE4tKVnr [6] Attackers exploiting critical Fortinet zero-day vulnerability https://lnkd.in/dSHDamzk [7] Fortinet Patches Zero-Day Vulnerability In FortiOS and FortiProxy https://lnkd.in/deZ9JQWK

Uh oh ?? Condolences to all the security and IT teams who were rushing to patch their Palo Alto firewalls this weekend. This just highlights the biggest problem with any internet facing appliance -- it's a massive target for attackers who will invariably find and exploit any vulnerabilities. This is especially true when those internet facing appliances also facilitate remote access via a VPN (in this case GlobalProtect, but most firewalls also offer the same). Until we can write 100% perfect software (don't hold your breath), the best case is to turn off that internet facing remote access interface. There are so many ways to do that now (including Twingate) that there's really no point in delaying until the next exploit is announced. ?? Lior Alex Tyler Ben Farokh Clinton Stuart Ferren Amy Shakeel Jon Sean Max Lindsay Brendan Grady Chris Ben Arthur Emily Erin Anna Eran Sagie Birol Libby Molly Jackie Sujay ChenLi Alex Jay Ilya https://lnkd.in/ghTkyhJV

While it's impossible to guarantee flawless protection, there are several common weaknesses or vulnerabilities that can compromise the security or stability of your network, hardware or software. Read our white paper to find out how you can prevent them → https://bit.ly/3UDEt1u #data #security #technologies

On Friday, April 12th, Palo Alto Networks released an urgent security alert that a critical command injection vulnerability existed in their PAN-OS software (CVE-2024-3400) that would enable an unauthenticated attacker to execute arbitrary code with root access to the firewall. The vulnerability applies to PAN-OS 10.2, 11.0 and 11.1 firewalls that have the GlobalProtect gateway or portal, or both, with device telemetry enabled. The CVE has a base CVSS score of 10. Trend Micro customers can protect their firewalls with TippingPoint IPS #TippingPoint #TrendMicro #Zeroday https://lnkd.in/e9UFKZm4

If you run a Paloalto firewall, with PAN-OS, watch for the coming patches, a zero day with a score of 10, unpatched yet, should be fixed in 2 days. "Palo Alto Networks warns of PAN-OS firewall zero-day used in attacks" The linked article list the following compensation measures meanwhile : ? Users with an active 'Threat Prevention' subscription can block attacks by activating 'Threat ID 95187' in their system. ? Ensure that vulnerability protection is configured on 'GlobalProtect Interfaces' to prevent exploitation. More info on that is?available here. ? Disable device telemetry until fixing patches are applied. Instructions on how to do that can be found on?this webpage. Patch management and vulnerability management is part of your day to day security. This is where active threat intel and active teams play a key role to mitigate vulnerabilities and lower the risks. #cybersecurity #pan #paloalto #firewall #zeroday #patchmanagement https://lnkd.in/e5DR2QBc

Hackers got into the firewall changing configurations to modify the output setting from 'standard' to 'more.' This is a way for hackers to poke around before deciding to do more sinister things. Often hackers are in your systems months before you even notice. The fix: "To mitigate such risks, it's essential that organizations do not expose their firewall management interfaces to the internet and limit the access to trusted users."