Palo Alto | OSG: Bits, Bytes and Packets

Tag Archives: Palo Alto

Palo Alto updates patching guidance for command injection vulnerability

April 16, 2024 – 5:27 pm
Posted in Attacks, Computers and Internet, Cyber security, Exploit Warning, HAck, Patch Available, POC, Vulnerability
Tagged CVSS Score 10.0, Operation MidnightEclipse, Palo Alto, PAN-252214, PAN-OS, Unit-42
Leave a Comment

https://security.paloaltonetworks.com/CVE-2024-3400

This is a command injection vulnerability that enabled an unauthenticated attacker to execute code with root privileges. POC has been released publicly.

Device telemetry does not need to be enabled for PAN-OS firewalls to be exposed to attacks related to this vulnerability.

You can verify whether you have a GlobalProtect gateway or GlobalProtect portal configured by checking for entries in your firewall web interface (Network > GlobalProtect > Gateways or Network > GlobalProtect > Portals).

https://unit42.paloaltonetworks.com/cve-2024-3400

CVE-2024-3400: Volexity warns of Zero-day exploitation of Palo Alto device vulnerability in GlobalProtect feature over versions of PAN-OS.

April 15, 2024 – 5:27 pm
Posted in Cyber security, HAck, Patch Available, Vulnerability
Tagged CVE-2024-3400, CVSS Score 10.0, Global Protect, OS Command injection, Palo Alto, Pan OS, Python backdoor, remote code execution (RCE), UTA0218, Volexity.com
Leave a Comment

Zero-Day Exploitation of Unauthenticated Remote Code Execution Vulnerability in GlobalProtect (CVE-2024-3400)

Patches are available for the varied versions of PAN-OS

PaloAlto: SpringShell (CVE-2022-22965) is actively being exploited

April 1, 2022 – 5:08 pm
Posted in Attacks, Computers and Internet, Cyber security, Dont wait, Exploit Warning, Patch Available, POC, Vulnerability
Tagged CVE-2022-22965, Palo Alto, Remote Code Execution, Spring, spring4shell, SpringShell, UNIT 42
Leave a Comment

https://unit42.paloaltonetworks.com/cve-2022-22965-springshell/

Unit 42 provided caution as things heat up between Russia and Ukraine

February 3, 2022 – 6:27 pm
Posted in Attacks, Business Continuity, Computers and Internet, Cyber security, HAck, Malware, Phishing, Technology, Virus
Tagged Gamaredon, Palo Alto, Primitive Bear, Russia, Ukraine, UNIT 42
Leave a Comment

https://unit42.paloaltonetworks.com/gamaredon-primitive-bear-ukraine-update-2021/

Bypass discovered for Log4j patch 2.15.0-rc1. 2.15.0-rc2 released.

December 13, 2021 – 12:11 pm
Posted in Attacks, Cloud, Computers and Internet, Cyber security, Disaster Recovery, Exploit Warning, Patch Available, POC, Technology, Vulnerability, Zero Day
Tagged Apache, CVE-2021-44228, Java, log4j, log4j2, log4shell, Palo Alto, unit42
Leave a Comment

https://unit42.paloaltonetworks.com/apache-log4j-vulnerability-cve-2021-44228/

Instead of preying on fears, bad actors are hoping to capitalize on the desires get away (travel)

September 15, 2021 – 11:55 am
Posted in Attacks, Computers and Internet, Cyber security, Fraud, Hoax, Malware, Phishing, Privacy Alert, Social Engineering, Spam, Work Life Balance
Tagged COVID-19, Dropbox, Firebase, Palo Alto, UNIT 42
Leave a Comment

Bad actors are usually all over current events when it comes to #phishing and #SocialEngineering attacks, in a different twist, they are now preying on those that have been itching to get out and travel. With all the talk about increasing vaccine rates and boosters, the field is ripe for shooting fish in a barrel. Palo Alto Unit 42 describes the trend they have seen. And with all the stolen data/credentials out there, bad actors are armed pretty well

https://unit42.paloaltonetworks.com/travel-themed-phishing/