Home ยป Warning: Vulnerability in PAN-OS Exposes Path for Hackers to Attack VPN; Attacks Detected, Patch Pending

Warning: Vulnerability in PAN-OS Exposes Path for Hackers to Attack VPN; Attacks Detected, Patch Pending

Palo Alto Networks reports the discovery of a hacking group targeting PAN-OS through a previously unknown vulnerability in GlobalProtect, termed Operation MidnightEclipse. The company is currently developing a patch scheduled for release on April 14th to address this issue. However, it is believed that only a single group of malicious actors is aware of this vulnerability, and the risk can be mitigated by disabling the device telemetry feature until the patch is available. This report includes the IP addresses used by the attackers and the list of files downloaded during the successful breach. Organizations concerned about being targeted can query the system logs for verification.

Source: Palo Alto Networks

The interface of PAN-OS Device Telemetry displays relevant information.

TLDR: Palo Alto Networks discovered a hacking group exploiting a vulnerability in GlobalProtect, with a patch in development to address the issue. Risk can be reduced by disabling device telemetry until the patch is released.

More Reading

Post navigation

Leave a Comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Bitwarden Vulnerability Unveiled: Exploiting Windows Hello to Decrypt Database Keys – Developer Patched Issue Since April

Acquisition of Talon: Palo Alto Networks Empowers Web Security with Cutting-Edge Israeli Startup

Software Giant Apple Releases iOS 16.6.1, macOS Ventura 13.5.2, and watchOS 9.6.2, Addressing Security Vulnerabilities