"Exploited Zero-Day Vulnerability in Palo Alto Networks Firewalls Sparks Urgent Fixes"

Suspected state-sponsored hackers have been exploiting a zero-day vulnerability in Palo Alto Networks firewalls since March 26, using compromised devices to breach internal networks and steal data and credentials. The vulnerability, tracked as CVE-2024-3400, allows unauthenticated remote code execution in PAN-OS firewall software. Volexity, which discovered the zero-day flaw, believes it is highly likely that state-sponsored threat actors are conducting the attacks. The hackers have installed a custom backdoor named 'Upstyle' to pivot to the target's internal network and steal data, and have also deployed additional payloads to start reverse shells and exfiltrate data. Network devices have become a popular target for threat actors to gain initial access to a network and steal data.
- Palo Alto Networks zero-day exploited since March to backdoor firewalls (BleepingComputer)
- Palo Alto Networks Releases Urgent Fixes for Exploited PAN-OS Vulnerability (The Hacker News)
- “Highly capable” hackers root corporate networks by exploiting firewall 0-day (Ars Technica)
- Palo Alto Networks firewalls under attack, hotfixes incoming! (CVE-2024-3400) (Help Net Security)
- Major Palo Alto security flaw is being exploited via Python zero-day backdoor (TechRadar)