RedTail Crypto-Mining Malware Exploiting Palo Alto Networks Firewall Vulnerability

The threat actors behind the RedTail cryptocurrency mining malware have added a recently disclosed security flaw impacting Palo Alto Networks firewalls to their exploit arsenal. The addition of the PAN-OS vulnerability to its toolkit has been complemented by updates to the …

Stealthy BLOODALCHEMY Malware Targeting ASEAN Government Networks

Cybersecurity researchers have discovered that the malware known as BLOODALCHEMY used in attacks targeting government organizations in Southern and Southeastern Asia is in fact an updated version of Deed RAT, which is believed to be a successor to ShadowPad. “The origin of BLOODALCHEMY and Deed RAT is …

Palo Alto Networks Outlines Remediation for Critical PAN-OS Flaw Under Attack

Palo Alto Networks has shared remediation guidance for a recently disclosed critical security flaw impacting PAN-OS that has come under active exploitation. The vulnerability, tracked as CVE-2024-3400 (CVSS score: 10.0), could be weaponized to obtain unauthenticated remote shell command execution on susceptible devices. It has been addressed in …

Palo Alto Networks Releases Urgent Fixes for Exploited PAN-OS Vulnerability

Palo Alto Networks has released hotfixes to address a maximum-severity security flaw impacting PAN-OS software that has come under active exploitation in the wild. Tracked as CVE-2024-3400 (CVSS score: 10.0), the critical vulnerability is a case of command injection in the GlobalProtect …

Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack

Palo Alto Networks has shared more details of a critical security flaw impacting PAN-OS that has come under active exploitation in the wild by malicious actors. The company described the vulnerability, tracked as CVE-2024-3400 (CVSS score: 10.0), as “intricate” and a combination of …

China-Linked Group Breaches Networks via Connectwise, F5 Software Flaws

A China-linked threat cluster leveraged security flaws in Connectwise ScreenConnect and F5 BIG-IP software to deliver custom malware capable of delivering additional backdoors on compromised Linux hosts as part of an “aggressive” campaign. Google-owned Mandiant is tracking the activity under its uncategorized moniker UNC5174 (aka …

GTPDOOR Linux Malware Targets Telecoms, Exploiting GPRS Roaming Networks

Threat hunters have discovered a new Linux malware called GTPDOOR that’s designed to be deployed in telecom networks that are adjacent to GPRS roaming exchanges (GRX). The malware is novel in that it leverages the GPRS Tunnelling Protocol (GTP) for command-and-control (C2) communications. …