MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
alto
Recherche

Thousands of Palo Alto Networks Firewalls Compromised This Week After Critical Security Hole

lundi 25 novembre 2024, 13:34 , par Slashdot
Thousands of Palo Alto Networks Firewalls Compromised This Week After Critical Security Hole
Palo Alto Networks boasts 70,000 customers in 150 countries, including 85% of the Fortune 500.

But this week 'thousands of Palo Alto Networks firewalls were compromised by attackers exploiting two recently patched security bug,' reports the Register:

The intruders were able to deploy web-accessible backdoors to remotely control the equipment as well as cryptocurrency miners and other malware. Roughly 2,000 devices had been hijacked as of Wednesday — a day after Palo Alto Networks pushed a patch for the holes — according to Shadowserver and Onyphe. As of Thursday, the number of seemingly compromised devices had dropped to about 800. The vendor, however, continues to talk only of a 'limited number' of exploited installations... The Register has asked for clarification, including how many compromised devices Palo Alto Networks is aware of, and will update this story if and when we hear back from the vendor.

Rumors started swirling last week about a critical security hole in Palo Alto Networks appliances that allowed remote unauthenticated attackers to execute arbitrary code on devices. Exploitation requires access to the PAN-OS management interface, either across the internet or via an internal network. The manufacturer did eventually admit that the firewall-busting vulnerability existed, and had been exploited as a zero-day — but it was still working on a patch. On Tuesday, PAN issued a fix, and at that time said there were actually two vulnerabilities. The first is a critical (9.3 CVSS) authentication bypass flaw tracked as CVE-2024-0012. The second, a medium-severity (6.9 CVSS) privilege escalation bug tracked as CVE-2024-9474. The two can be chained together to allow remote code execution (RCE) against the PAN-OS management interface... once the attackers break in, they are using this access to deploy web shells, Sliver implants, and/or crypto miners, according to Wiz threat researchers.

Read more of this story at Slashdot.
Lire la suite sur Slashdot
https://it.slashdot.org/story/24/11/25/063246/thousands-of-palo-alto-networks-firewalls-compromised-...

Voir aussi

alto After 3 Michigan hunters drop dead in a week, a doctor gives some advice BoingBoing25 Nov
palo Your beloved old tech is a security risk. It’s time to let go PC World25 Nov
networks Security updates for Monday LWN.net25 Nov
compromised China has utterly pwned 'thousands and thousands' of devices at US telcos TheRegister25 Nov
security The Future of Online Privacy Hinges on Thousands of New Jersey Cops Wired: Tech.25 Nov
critical Craigslist Founder Gives $300M to Fund Critical US Infrastructure Cybersecurity Slashdot25 Nov
devices GitHub Announces New Open Source Fund with Security Mentoring Slashdot24 Nov
week Les montages du week-end : un NAS de style purificateur d'air par Alsora CowcotLand24 Nov
attackers Les prix des cartes graphiques AMD, Intel et NVIDIA semaine 47-2024 : Pas de miracle pour la Black Week CowcotLand23 Nov
two Les montages du week-end : White et Chic par ValSch CowcotLand23 Nov
were 1,000s of Palo Alto Networks firewalls hijacked as miscreants exploit critical hole TheRegister22 Nov
had DEA paid "tens of thousands" to airline employees for targeting innocent passengers to steal their cash — DOJ halts practice BoingBoing22 Nov
mdash Security updates for Friday LWN.net22 Nov
hole Best Windows apps this week BetaNews22 Nov
firewalls Here's what happens if you don't layer network security – or remove unused web shells TheRegister22 Nov
alto 'Alarming' security bugs lay low in Linux's needrestart utility for 10 years TheRegister21 Nov
palo 'Alarming' security bugs lay low in Ubuntu Server utility for 10 years TheRegister21 Nov
networks Security updates for Thursday LWN.net21 Nov
compromised Cdiscount : jusqu'à -60% pour la Black Week (AirPods 4 à 129€, Garmin Forerunner 55 à -30%, LEGO...) Génération-NT21 Nov
security Thousands of AI agents later, who even remembers what they do? TheRegister21 Nov
News copyright owned by their original publishers | Copyright © 2004 - 2024 Zicos / 440Network
Date Actuelle
lun. 25 nov. - 19:38 CET