US government agency warns of fresh Palo Alto VPN security flaw

Spread the love

The U.S. government is warning that foreign nation-state hackers will “likely attempt” to exploit a new “critical”-rated security vulnerability found in a number of widely used Palo Alto Networks’ network appliances, which if exploited could allow an attacker to break into a company’s network with relative ease.
That’s the warning from US Cyber Command, a division of the Dept. of Defense and former sister-agency to the NSA, which said enterprises should patch their vulnerable devices as soon as possible.

Please patch all devices affected by CVE-2020-2021 immediately, especially if SAML is in use. Foreign APTs will likely attempt exploit soon. We appreciate @PaloAltoNtwks’ proactive response to this vulnerability.
— USCYBERCOM Cybersecurity Alert (@CNMF_CyberAlert) June 29, 2020

The flaw lies in the software that powers several Palo Alto Networks firewalls and enterprise VPN appliances, which let employees access their corporate network from home — access that is crucial during the pandemic — while keeping unauthorized users out.
Typically employees must enter their corporate username and password, and often a two-factor code. But the flaw could, under certain conditions, let an attacker take control of one of these devices without needing a password, granting them access to the rest of the network.
Palo Alto said that a fix was pushed out in a software update, but enterprises can also switch off SAML — a way of letting a user log in to the network — to mitigate the flaw.
But the clock is ticking on enterprises getting those fixes installed. VPN appliances and firewalls are a huge target for hackers as they can provide unfettered access to a corporate network.
Last year, researchers found flaws in three corporate VPN appliances — including Palo Alto. Although fixes were quickly rolled out, enterprises that were slow to patch found their networks under attack, prompting Homeland Security’s cyber advisory unit to issue an alert. In some cases, hackers used the vulnerability to spread ransomware across the network.
For the time being, Palo Alto says there’s no evidence yet of hackers exploiting this vulnerability. But given the immediate risk to networks, companies should patch as soon as possible.

As ransomware gets craftier, companies must start thinking creatively

X ITM Cloud News


Leave a Reply

Next Post

Qualcomm launches its new smartwatch chips

Tue Jun 30 , 2020
Spread the love          Qualcomm today announced the launch of its new Snapdragon Wear platforms for wearables, the Snapdragon Wear 4100 and 4100+. Based on a 12nm process technology, these new platforms promise to breathe new life into the Android Wear ecosystem. One of the first things users will notice is that, […]

Cloud Computing – Consultancy – Development – Hosting – APIs – Legacy Systems

X-ITM Technology helps our customers across the entire enterprise technology stack with differentiated industry solutions. We modernize IT, optimize data architectures, and make everything secure, scalable and orchestrated across public, private and hybrid clouds.

This image has an empty alt attribute; its file name is x-itmdc.jpg

The enterprise technology stack includes ITO; Cloud and Security Services; Applications and Industry IP; Data, Analytics and Engineering Services; and Advisory.

Watch an animation of  X-ITM‘s Enterprise Technology Stack

We combine years of experience running mission-critical systems with the latest digital innovations to deliver better business outcomes and new levels of performance, competitiveness and experiences for our customers and their stakeholders.

X-ITM invests in three key drivers of growth: People, Customers and Operational Execution.

The company’s global scale, talent and innovation platforms serve 6,000 private and public-sector clients in 70 countries.

X-ITM’s extensive partner network helps drive collaboration and leverage technology independence. The company has established more than 200 industry-leading global Partner Network relationships, including 15 strategic partners: Amazon Web Services, AT&T, Dell Technologies, Google Cloud, HCL, HP, HPE, IBM, Micro Focus, Microsoft, Oracle, PwC, SAP, ServiceNow and VMware