Home ยป Warning: Vulnerability in PAN-OS Exposes Path for Hackers to Attack VPN; Attacks Detected, Patch Pending

Warning: Vulnerability in PAN-OS Exposes Path for Hackers to Attack VPN; Attacks Detected, Patch Pending

Palo Alto Networks reports the discovery of a hacking group targeting PAN-OS through a previously unknown vulnerability in GlobalProtect, termed Operation MidnightEclipse. The company is currently developing a patch scheduled for release on April 14th to address this issue. However, it is believed that only a single group of malicious actors is aware of this vulnerability, and the risk can be mitigated by disabling the device telemetry feature until the patch is available. This report includes the IP addresses used by the attackers and the list of files downloaded during the successful breach. Organizations concerned about being targeted can query the system logs for verification.

Source: Palo Alto Networks

The interface of PAN-OS Device Telemetry displays relevant information.

TLDR: Palo Alto Networks discovered a hacking group exploiting a vulnerability in GlobalProtect, with a patch in development to address the issue. Risk can be reduced by disabling device telemetry until the patch is released.

More Reading

Post navigation

Leave a Comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Google Uncovers a Glitch in C-PUs: Machine Freezes Despite Running on Virtual Machines and Impacting 10th Generation Core Processors

Securing Networks: Terrapin’s Unveiled Vulnerability Dampens SSH’s Robust Protective Measures, Yet Limited in Attack Surface

Acquisition of Talon: Palo Alto Networks Empowers Web Security with Cutting-Edge Israeli Startup