Zero-Day Firewall Hack Affects Thousands of Palo-Alto Users

Published: May 26, 2024 in our Security Fraud News & Alerts Newsletter.



Corporations using a Palo Alto firewall are urged to patch a zero-day vulnerability. Palo Alto rates this flaw at maximum severity because it lets hackers take absolute control of affected firewalls without authentication. This stunning exploit affects more than 150,000 unpatched Palo Alto firewall devices and the thousands of organizations using them.


Firewall In Flames


In general, firewalls exist for those benefiting from a “digital gatekeeper” protecting their network. And these days, who wouldn’t benefit from firewall protection? But, as we learned from this exploit, firewalls aren’t fire-resistant. Even worse, there’s been a recent spate of attacks against corporate security tools including VPNs, remote access tools, and of course, firewalls. Targeting these devices gets at the heart of corporate network security, and this Palo Alto firewall flaw is a prime example of that.



This zero-day exploit is especially alarming because it allows remote and total takeover of the firewall over the internet, without authentication. Authentication controls limit access to a system, keeping those without valid credentials from making harmful network changes. In this case, hackers are able to circumvent access limits, change the firewall settings, and wreak havoc on a system.


According to Volexity, the security firm that discovered the flaw, exploitation dates back to late March. They claim hackers exploited the zero-day for two weeks before Palo Alto began releasing fixes. The affected firewall is part of Palo Alto’s GlobalProtect line of firewall products. In particular, those using recent versions of PAN-OS software are affected. Volexity believes a government threat actor, yet to be identified, first exploited the flaw.


Flame Control


There are steps IT departments and those in charge of a network can take to bolster network security. The Palo Alto case is a great example of how important it is to apply security patches as soon as they’re available. The faster a flaw is patched, especially a zero-day already being exploited, the safer the system. Keeping all software updated is also part of that plan. Installing software like anti-virus and anti-malware is a must. Limit network access to only those employees who need it, and do a vulnerability assessment to identify security holes.


Protecting corporate networks is a multi-pronged effort requiring those dedicated to the cutting edge of security, and for good reason. Keeping on top of the latest threats, like Palo Alto’s zero-day firewall flaw, is something money can’t buy.


Want to schedule a conversation? Please email us at advisor@nadicent.com
