[HackerNews] Palo Alto Warns of Zero-Day Bug in Firewalls Using GlobalProtect Portal VPN

A new zero-day vulnerability has been disclosed in Palo Alto Networks GlobalProtect VPN that could be abused by an unauthenticated network-based attacker to execute arbitrary code on affected devices with root user privileges.
Tracked as CVE-2021-3064 (CVSS score: 9.8), the security weakness impacts PAN-OS 8.1 versions earlier than PAN-OS 8.1.17. Massachusetts-based cybersecurity firm Randori

Source: Read More (The Hacker News)

You might be interested in …

Daily NCSC-FI news followup 2021-09-23

KRP varoittaa ovelasta Omakanta-huijauksesta toimi näin suojautuaksesi www.is.fi/digitoday/tietoturva/art-2000008285667.html Poliisi kehottaa noudattamaan varovaisuutta pankkitunnuksilla sähköiseen palveluun kirjauduttaessa. VoIP company battles massive ransom DDoS attack www.zdnet.com/article/voip-company-battles-massive-ransom-ddos-attack/ VoIP company battles massive ransom DDoS attack. katso myös www.is.fi/digitoday/art-2000008284709.html FamousSparrow: A suspicious hotel guest www.welivesecurity.com/2021/09/23/famoussparrow-suspicious-hotel-guest/ ESET researchers have uncovered a new cyberespionage group targeting hotels, governments, and private companies worldwide. […]

Read More

[SecurityWeek] Dell Patches Critical Vulnerabilities in OpenManage Enterprise

All posts, Security Week

Patches released this week by Dell for its OpenManage Enterprise product address multiple critical-severity vulnerabilities. A systems management and monitoring application, Dell OpenManage Enterprise provides administrators with a comprehensive view of Dell EMC servers, network switches, and storage in their environment. read more Source: Read More (SecurityWeek RSS Feed)

Read More

Daily NCSC-FI news followup 2020-12-27

A New SolarWinds Flaw Likely Had Let Hackers Install SUPERNOVA Malware thehackernews.com/2020/12/a-new-solarwinds-flaw-likely-had-let.html An authentication bypass vulnerability in the SolarWinds Orion software may have been leveraged by adversaries as zero-day to deploy the SUPERNOVA malware in target environments. Koei Tecmo discloses data breach after hacker leaks stolen data www.bleepingcomputer.com/news/security/koei-tecmo-discloses-data-breach-after-hacker-leaks-stolen-data/ Japanese game developer Koei Tecmo has disclosed […]

Read More