"CISA Issues Alert for Active Attacks on Palo Alto Networks and Sisense"
Palo Alto Networks has issued a warning about a critical vulnerability, CVE-2024-3400, in its PAN-OS software used in GlobalProtect gateways, with a maximum severity score. The flaw allows unauthenticated attackers to execute arbitrary code with root privileges on affected firewalls. Versions PAN-OS < 11.1.2-h3, PAN-OS < 11.0.4-h1, and PAN-OS < 10.2.9-h1 are impacted, with fixes expected on April 14, 2024. The company is aware of limited attacks exploiting the vulnerability and recommends enabling Threat ID 95187 for protection. Cybersecurity firm Volexity discovered and reported the bug, and Chinese threat actors have been increasingly exploiting zero-day flaws in various network security products.
- Zero-Day Alert: Critical Palo Alto Networks PAN-OS Flaw Under Active Attack The Hacker News
- Why CISA is Warning CISOs About a Breach at Sisense – Krebs on Security Krebs on Security
- Palo Alto Networks firewalls under attack, hotfixes incoming! (CVE-2024-3400) Help Net Security
- Attack on data analytics company Sisense prompts alert from CISA The Record from Recorded Future News
- Business intelligence startup Sisense hit by cyber attack CTech
Reading Insights
0
2
1 min
vs 2 min read
62%
265 → 101 words
Want the full story? Read the original article
Read on The Hacker News