#CVE20240012

2,000 Palo Alto Firewalls Compromised via New Vulnerabilities

by

November 21, 2024 at 11:20AM Palo Alto Networks reported a drop in internet-exposed firewalls, yet around 2,000 devices remain compromised due to critical vulnerabilities CVE-2024-0012 and CVE-2024-9474. Patches were released in mid-November following confirmed exploitation, with attacks primarily affecting devices in the U.S. and India. Key security recommendations include limiting access to trusted IPs. **Meeting … Read more

Palo Alto Networks patches two firewall zero-days used in attacks

by

November 18, 2024 at 03:57PM Palo Alto Networks has released security updates for two zero-day vulnerabilities in its Next-Generation Firewalls (CVE-2024-0012 and CVE-2024-9474). These flaws allow unauthorized access and privilege escalation, affecting a small number of devices. The U.S. cybersecurity agency has urged federal agencies to patch systems by December 9. ### Meeting Notes Takeaways: … Read more