Security News > 2024 > May > Week in review: PoCs allow persistence on Palo Alto firewalls, Okta credential stuffing attacks
Palo Alto firewalls: CVE-2024-3400 exploitation and PoCs for persistence after resets/upgradesThere are proof-of-concept techniques allowing attackers to achieve persistence on Palo Alto Networks firewalls after CVE-2024-3400 has been exploited, the company has confirmed on Monday, but they are "Not aware at this time of any malicious attempts to use these persistence techniques in active exploitation of the vulnerability."
Okta warns customers about credential stuffing onslaughtCredential stuffing attacks have exploded this April, Okta warns, and advises its customers to use available tools to block access requests originating from residential proxies before authentication takes place.
UK enacts IoT cybersecurity lawThe Product Security and Telecommunications Infrastructure Act has come into effect today, requiring manufacturers of consumer-grade IoT products sold in the UK to stop using guessable default passwords and have a vulnerability disclosure policy.
Building a strong cloud security postureIn this Help Net Security video, David Kellerman, Field CTO at Cymulate, discusses how cloud security still seems to lag even as the cloud grows in popularity and usage.
Why the automotive sector is a target for email-based cyber attacksIn this Help Net Security video, Mick Leach, Field CISO at Abnormal Security, discusses why the automotive industry is the new most popular target for business email compromise and vendor email compromise attacks.
How insider threats can cause serious security breachesIn this Help Net Security video, Tara Lemieux, CMMC Consultant for Redspin, discusses insider threats and the need for a shift in thinking from implied trust to verified trust, especially as it pertains to DoD employees and/or contractors handling critical information.
News URL
Related news
- Palo Alto Networks firewalls under attack, hotfixes incoming! (CVE-2024-3400) (source)
- Palo Alto Networks warns of PAN-OS firewall zero-day used in attacks (source)
- Week in review: Palo Alto Networks firewalls under attack, Microsoft patches two exploited zero-days (source)
- Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation (source)
- 22,500 Palo Alto firewalls "possibly vulnerable" to ongoing attacks (source)
- Week in review: Palo Alto firewalls mitigation ineffective, PuTTY client vulnerable to key recovery attack (source)
- Okta warns of "unprecedented" credential stuffing attacks on customers (source)
- Okta Warns of Unprecedented Surge in Proxy-Driven Credential Stuffing Attacks (source)
- Palo Alto firewalls: CVE-2024-3400 exploitation and PoCs for persistence after resets/upgrades (source)
- Retail chain Hot Topic hit by new credential stuffing attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-04-12 | CVE-2024-3400 | Command Injection vulnerability in Paloaltonetworks Pan-Os A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall. Cloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability. | 10.0 |