Palo Alto Networks observed threat activity that exploits this vulnerability against a limited number of management web interfaces that are exposed to internet traffic coming from outside the network.
Roughly 2,000 devices had been hijacked as of Wednesday - a day after Palo Alto Networks pushed a patch for the holes - according to Shadowserver and Onyphe.
Rumors started swirling last week about a critical security hole in Palo Alto Networks appliances that allowed remote unauthenticated attackers to execute arbitrary code on devices.
The manufacturer did eventually admit that the firewall-busting vulnerability existed, and had been exploited as a zero-day - but it was still working on a patch.
Collection
[
|
...
]