Exploit released for Palo Alto PAN-OS bug used in attacks, patch now

April 16, 2024 at 02:38PM A critical vulnerability, tracked as CVE-2024-3400, has been actively exploited in Palo Alto Networks’ PAN-OS firewall software. Threat actors can execute arbitrary code as root via command injection, impacting PAN-OS 10.2, 11.0, and 11.1. Palo Alto Networks is releasing hotfixes, urging users to disable certain features and providing threat prevention …

Widely-Used PuTTY SSH Client Found Vulnerable to Key Recovery Attack

April 16, 2024 at 07:27AM PuTTY SSH and Telnet client versions 0.68 through 0.80 are vulnerable to a flaw allowing recovery of private keys. The issue, designated CVE-2024-31497, was discovered by Fabian Bäumer and Marcus Brinkmann. The concern affects PuTTY and several other related products, mitigated in recent versions. Users are advised to update and …

Delinea Scrambles to Patch Critical Flaw After Failed Responsible Disclosure Attempt

April 16, 2024 at 06:48AM Privileged access management provider Delinea rushed to patch a critical authentication bypass vulnerability in Secret Server SOAP API. Despite attempts at responsible disclosure, the company initially ignored researcher Johnny Yu’s findings. Delinea has since released patches for its platforms and assured customers that their data has not been compromised. No …

Palo Alto Network Issues Hotfixes for Zero-Day Bug in Its Firewall OS

April 15, 2024 at 03:50PM Palo Alto Networks released hotfixes to address a zero-day bug (CVE-2024-3400) in PAN-OS software, allowing threat actors to deploy a Python backdoor on affected firewalls. The attacks were limited, but the potential for further exploitation exists. The US CISA has prioritized addressing the flaw, and security experts warn of the …

Intel and Lenovo BMCs Contain Unpatched Lighttpd Server Flaw

April 15, 2024 at 01:03PM A security flaw in the Lighttpd web server used in BMCs, unpatched by Intel and Lenovo, poses a risk of exfiltrating sensitive data. The absence of prompt security information prevents proper handling of the fixes down firmware and software supply chains. Out-of-bounds read vulnerabilities in susceptible versions of Lighttpd remain …

Palo Alto Networks fixes zero-day exploited to backdoor firewalls

April 15, 2024 at 09:04AM Palo Alto Networks is addressing a zero-day vulnerability that has been exploited since March 26th to backdoor PAN-OS firewalls. The flaw affects certain firewalls and can be exploited remotely to gain root code execution. Hotfixes have been released, and additional security measures are available. The active exploitation has been confirmed …

Palo Alto Networks Releases Fixes for Firewall Zero-Day as First Attribution Attempts Emerge

April 15, 2024 at 06:54AM Palo Alto Networks has released hotfixes for a zero-day vulnerability (CVE-2024-3400) targeted by state-sponsored actors. Vulnerable firewalls allow remote attackers to execute code with root privileges. Initial mitigations were issued, and more hotfixes are expected. Exploited devices facilitated data exfiltration and deployment of a new Python backdoor. Links to BianLian/Lazarus …

Palo Alto Networks Releases Urgent Fixes for Exploited PAN-OS Vulnerability

April 15, 2024 at 04:21AM Palo Alto Networks has released hotfixes to address a critical security flaw (CVE-2024-3400) in PAN-OS software that is actively exploited. The flaw allows unauthenticated attackers to execute arbitrary code with root privileges on firewalls. This impacts specific PAN-OS versions and cloud-deployed firewall VMs. Threat actors have been leveraging the flaw, …

Palo Alto Networks warns of PAN-OS firewall zero-day used in attacks

April 12, 2024 at 09:32AM Palo Alto Networks warns of an actively exploited critical command injection vulnerability in PAN-OS firewall, affecting specific versions. The flaw, tracked as CVE-2024-3400, poses significant risk as it allows attackers to execute code with root privileges. Mitigations and temporary fixes are advised until security updates are available to address the …

Palo Alto Networks Warns of Exploited Firewall Vulnerability

April 12, 2024 at 07:36AM Palo Alto Networks warns of a severe OS command injection vulnerability (CVE-2024-3400) in PAN-OS GlobalProtect, allowing arbitrary code execution with root privileges on affected firewalls. Remediation patches are expected by the end of the week. Customers are advised to check and apply mitigations to prevent exploitation. Volexity is credited for …