Shadowserver | Breaking Cybersecurity News | The Hacker News

As many as 2,000 Palo Alto Networks devices are estimated to have been compromised as part of a campaign abusing the newly disclosed security flaws that have come under active exploitation in the wild. According to statistics shared by the Shadowserver Foundation, a majority of the infections have been reported in the U.S. (554) and India (461), followed by Thailand (80), Mexico (48), Indonesia (43), Turkey (41), the U.K. (39), Peru (36), and South Africa (35). Earlier this week, Censys revealed that it had identified 13,324 publicly exposed next-generation firewall (NGFW) management interfaces, with 34% of these exposures located in the U.S. However, it's important to note that not all of these exposed hosts are necessarily vulnerable. The flaws in question , CVE-2024-0012 (CVSS score: 9.3) and CVE-2024-9474 (CVSS score: 6.9), are a combination of authentication bypass and privilege escalation that could allow a bad actor to perform malicious actions, including modifying c...

Hundreds of Citrix NetScaler ADC and Gateway servers have been breached by malicious actors to deploy web shells, according to the Shadowserver Foundation. The non-profit  said  the attacks take advantage of  CVE-2023-3519 , a critical code injection vulnerability that could lead to unauthenticated remote code execution. The flaw, patched by Citrix last month, carries a CVSS score of 9.8. The  largest number  of impacted IP addresses are based in Germany, followed by France, Switzerland, Italy, Sweden, Spain, Japan, China, Austria, and Brazil. The  exploitation  of CVE-2023-3519 to deploy web shells was previously disclosed by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), which  said  the attack was directed against an unnamed critical infrastructure organization in June 2023. The disclosure comes as GreyNoise  said  it detected three IP addresses  attempting  to exploit CVE-2023-24489 (CVSS scor...

CrowdStrike is named a Leader in the 2024 Gartner® Magic Quadrant™ for Endpoint Protection Platforms for the fifth consecutive time, positioned highest on Ability to Execute and furthest to the right on Completeness of Vision.