Over 2,000 Palo Alto Networks firewalls have been compromised in a widespread attack using two recently patched vulnerabilities (CVE-2024-0012 and CVE-2024-9474), according to Shadowserver Foundation’s internet scanning.
Palo Alto Networks security researchers reported on Wednesday that they detected a “limited set of exploitation activity” involving two vulnerabilities in PAN-OS, the operating system for the company’s next-generation firewalls. These vulnerabilities are classified as zero-days because they were exploited before patches could be released.
CVE-2024-0012 is a vulnerability in Palo Alto Networks PAN-OS that lets unauthenticated attackers with network access to the management interface gain administrator privileges. This could enable them to perform administrative tasks, alter configurations, or exploit other vulnerabilities, such as CVE-2024-9474.
Palo Alto Networks’ Unit 42 research team has named the ongoing attack campaign “Operation Lunar Peek.” Since early November, attackers have been seen installing malware and executing commands on compromised firewalls, suggesting the presence of a public exploit chain.
The Shadowserver Foundation reports that hackers have compromised over 2,000 Palo Alto Networks firewalls by exploiting two recently patched vulnerabilities. Most affected devices are in the United States, followed by India, with additional breaches in the UK, Australia, and China.
Organizations should review the security advisories for guidance on remediation.