Learn how Versa protects against CVE-2024-3400, a zero-day in Palo Alto PAN-OS GlobalProtect under active exploitation. Get mitigation and update guidance.| The Versa Networks Blog
Exploit Public-Facing Application| attack.mitre.org
Last month, Volexity reported on its discovery of zero-day, in-the-wild exploitation of CVE-2024-3400 in the GlobalProtect feature of Palo Alto Networks PAN-OS by a threat actor Volexity tracks as UTA0218. Volexity has conducted several additional incident response investigations and proactive analyses of Palo Alto Networks firewall devices since the initial two cases described in Volexity’s blog post. Volexity believes with moderate confidence that UTA0218 is a China-based threat actor bas...| Volexity
KEY TAKEAWAYS Russian APT GruesomeLarch deployed a new attack technique leveraging Wi-Fi networks in close proximity to the intended target. The threat actor primarily leveraged living-off-the-land techniques. A zero-day privilege escalation was used to further gain access. Ukrainian-related work and projects were targeted in this attack, just ahead of Russian Invasion of Ukraine. In early February 2022, notably just ahead of the Russian invasion of Ukraine, Volexity made a discovery that le...| Volexity
Sisense's sensor missense sensed no sensor defense| www.detectionengineering.net
Welcome to April 2024, again. We’re back, again. Over the weekend, we were all greeted by now-familiar news—a nation-state was exploiting a “sophisticated” vulnerability for full compromise in yet another enterprise-grade SSLVPN device. We’ve seen all the commentary around the certification process of these devices for certain| watchTowr Labs