Tag Archive for: networks

Palo Alto Networks Discloses Exploitation Of ‘Critical’ Zero-Day Flaw Impacting PAN-OS

/in


The company says that exploits of the vulnerability have been ‘limited’ so far.


Palo Alto Networks disclosed Friday that a “critical” zero-day vulnerability affecting several versions of its PAN-OS firewall software has seen exploitation in attacks.

In an advisory, the cybersecurity giant said it is “aware of a limited number of attacks that leverage the exploitation of this vulnerability.”

[Related: Fortinet Discloses Vulnerabilities In FortiOS, FortiProxy, FortiClient Linux And Mac]

Exploits of the flaw “may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall,” Palo Alto Networks said in the advisory.

The vendor said the vulnerability (tracked at CVE-2024-3400) has been rated as a “critical” severity issue. Patches are not yet available but are expected to be released by this coming Sunday, April 14.

Palo Alto Networks provided several recommended workarounds and mitigations for the issue, including temporarily disabling firewall telemetry.

In a statement provided to CRN Friday, Palo Alto Networks said that “upon notification of the vulnerability, we immediately provided mitigations and will provide a permanent fix shortly.”

“We are actively notifying customers and strongly encourage them to implement the mitigations and hotfix as soon as possible,” the company said.

The vulnerability was found in the GlobalProtect feature in PAN-OS firewalls, the company said. The flaw affects the PAN-OS 10.2, PAN-OS 11.0 and PAN-OS 11.1 versions of the firewall software.

“Cloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability,” the company said. “All other versions of PAN-OS are also not impacted.”

Palo Alto Networks credited researchers at cybersecurity firm Volexity for discovering the vulnerability. In December, Volexity researchers discovered vulnerabilities affecting Ivanti Connect Secure VPN devices, which went on to see mass exploitation by threat actors.

Source…

Attackers exploit critical zero-day flaw in Palo Alto Networks firewalls

/in


“This issue is applicable only to PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 firewalls with the configurations for both GlobalProtect gateway and device telemetry enabled,” the company said in its advisory.

Customers can check if they have the GlobalProtect gateway configured under the Network > GlobalProtect > Gateways menu in the firewall’s web interface. The telemetry feature can be checked under Device > Setup > Telemetry.

Mitigating Palo Alto Networks Pan-OS

The company plans to release software hotfixes for PAN-OS 10.2, PAN-OS 11.0 and PAN-OS 11.1 to address the flaw on April 14. These patches will be numbered 10.2.9-h1, 11.0.4-h1 and 11.1.2-h3. Older PAN-OS releases are not impacted and neither are the Cloud NGFW or Prisma Access and Panorama appliances.

Source…

What is a VPN? What virtual private networks do & who needs them – MDJOnline.com

/in



What is a VPN? What virtual private networks do & who needs them  MDJOnline.com

Source…

What is a VPN? What virtual private networks do & who needs them | The Daily Courier

/in


Fast Facts

A VPN can disguise your computer’s digital address, helping to keep you safer online.

VPNs allow users to avoid targeted ads and bypass regional content restrictions. 

Free VPNs exist, but paid options may provide better privacy.

There are plenty of benefits to having a virtual private network (VPN), even if you’ve never heard of one. It’s an additional layer of encryption that helps hide some of your data from prying eyes. 

Digital security has never been more important than it is in this modern era. Plus, if you’ve ever wondered what it’s like to watch Netflix on the other side of the world, a VPN can help you do that, too.

What is a VPN in simple terms?

VPN stands for a “virtual private network.” In a nutshell, it creates a third-party between you and the websites you want to access. 

A well-chosen VPN essentially scrambles some of your data — including your geographic location — making it harder for third parties like internet service providers (ISPs) or websites to collect it.

VPNs can also help you get past website blocks and censorship. For those in the U.S., demand for these nifty little gadgets has started to creep upward as multiple states have enacted ID verification laws for users wishing to access adult entertainment.

Related: Popular adult film star explains why she thinks Utah’s new age verification law won’t work

How does a VPN work? Virtual private networks for beginners

Internet service providers have access to mountains of personal data, which is used to, among many other things, sell you personalized ads. Our internet data is stored by these providers, and hackers can gain access to that data. In some parts of the world, including U.S. states, some content is censored — a VPN can also help you clear those kinds of digital hurdles.

A VPN works to encrypt your data, basically scrambling it all up in such a way that makes it harder to trace. More technically, it masks what’s called your internet protocol (IP) address. 

If the internet were the city you lived in, your IP address would be your computer’s home address. If you can see the benefit of getting a post office box, then you might want to consider a reputable VPN…

Source…