Source |
Cyble |
Identifier |
8646525 |
Publication date |
2025-02-03 13:49:16 (viewed: 2025-02-03 14:08:08) |
Title |
Cyble Sensors Detect Attacks on Apache OFBiz, Palo Alto Networks |
Text |
Overview
Cyble honeypot sensors have detected new attack attempts on vulnerabilities in Palo Alto Networks' web management interface and the Apache OFBiz ERP system, among dozens of other exploits picked up by Cyble sensors.
Cyble's recent sensor intelligence report to clients examined more than 30 vulnerabilities under active exploitation by hackers and also looked at persistent attacks against Linux systems and network and IoT devices. Threat actors continue to scan for vulnerable devices to use in ransomware attacks and to add to botnets for DDoS attacks and crypto mining.
The full reports also looked at banking malware, brute-force attacks, vulnerable ports, and phishing campaigns.
Palo Alto Networks Vulnerabilities Targeted
Cyble sensors detected attacks attempting to exploit an OS Command Injection vulnerability in the Palo Alto Networks PAN-OS management web interface.
The vulnerability, CVE-2024-9474, could be used by hackers to escalate privileges in PAN-OS. It could allow attackers who can access the PAN-OS management web interface to perform actions on the firewall with root privileges.
P |
Rating |
★★
|
Sent |
Yes |
Tags |
Ransomware
Vulnerability
Threat
Patching
|