Suspected state-sponsored hackers have been exploiting a zero-day vulnerability in Palo Alto Networks firewalls tracked as CVE-2024-3400 since March 26, using the compromised devices to breach internal networks, steal data and credentials.

Lobsters is a community-driven platform for sharing and discussing links to articles, tutorials, and projects related to technology and programming. Readers can learn about a wide range of topics, from software development and system administration to cybersecurity and artificial intelligence. With user submissions, comments, and voting, Lobsters provides a platform for collaborative learning and knowledge sharing among technology enthusiasts.

Lobsters

Suspected state-sponsored hackers have been exploiting a zero-day vulnerability in Palo Alto Networks firewalls since March to breach internal networks and steal data. The vulnerability is tracked as CVE-2024-3400. Palo Alto Networks has released mitigations and patches on April 14. The threat actors have been using a custom backdoor named 'Upstyle' to execute commands on compromised devices. Detecting a compromised Palo Alto Networks firewall can be done by generating a Tech Support File or monitoring network activity.

Palo Alto Networks zero-day exploited since March to backdoor firewalls

Network devices have become a popular target