Security News

Suspected state-sponsored hackers have been exploiting a zero-day vulnerability in Palo Alto Networks firewalls tracked as CVE-2024-3400 since March 26, using the compromised devices to breach internal networks, steal data and credentials. Palo Alto Networks warned yesterday that hackers were actively exploiting an unauthenticated remote code execution vulnerability in its PAN-OS firewall software and that patches would be available on April 14.

Threat actors have been exploiting the newly disclosed zero-day flaw in Palo Alto Networks PAN-OS software dating back to March 26, 2024, nearly three weeks before it came to light yesterday. The...

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Today, Palo Alto Networks warns that an unpatched critical command injection vulnerability in its PAN-OS firewall is being actively exploited in attacks. "Palo Alto Networks is aware of a limited number of attacks that leverage the exploitation of this vulnerability," warns the Palo Alto security bulletin.

Palo Alto Networks is warning that a critical flaw impacting its PAN-OS software used in its GlobalProtect gateways is being exploited in the wild. Tracked as CVE-2024-3400, the issue has a CVSS...

Attackers are exploiting a command injection vulnerability affecting Palo Alto Networks' firewalls, the company has warned, and urged customers to implement temporary mitigations and get in touch to check whether their devices have been compromised."Palo Alto Networks is aware of a limited number of attacks that leverage the exploitation of this vulnerability," they said, and thanked Volexity researchers for flagging the issue.

Palo Alto Networks is facing a proposed class action lawsuit that alleges investors were deceived about the traction of its platform tactics and hurt by an unexpectedly low billings forecast that crashed the share price. The lawsuit claims PAN made "False and/ or misleading statements" and didn't reveal that "Platformization initiatives" were not driving market share rises to a "Significant degree"; or that the corp would need to offer free products to "Entice" customers to "Adopt more of their platforms."

Palo Alto Networks held its annual Code to Cloud Cybersecurity Summit Thursday, focusing on cloud, DevOps and security. Recently, Palo Alto Networks' Unit 42 issued a cloud threat report finding that the average security team takes six days to resolve a security alert.

TechRepublic spoke with Ankur Shah, SVP and general manager of Prisma Cloud, about what cloud security means and how IT pros and decision makers should think beyond the traditional cybersecurity playbook when it comes to cloud security. Ankur Shah: Before the cloud, security was like a house with one front door, a camera and a security guard: one level of security and you're good to go.

Learn Palo Alto Networks cybersecurity with this $20 training We may be compensated by vendors who appear on this page through methods such as affiliate links or sponsored partnerships. For a limited time, the Palo Alto Networks Cybersecurity Fundamentals course is on sale for just $19.99.