New password spraying attacks target Cisco, PAN VPN gateways

An automated campaign is targeting multiple VPN platforms, with credential-based attacks being observed on Palo Alto Networks ...
Infosecurity-magazine.com

Palo Alto's GlobalProtect VPN Spoofed to Deliver New Malware Variant

Palo Alto Networks has observed that GlobalProtect, its virtual private network (VPN) software, was leveraged to deliver a new variant of the WikiLoader loader malware. In a report published on ...
Dark Reading

Palo Alto Networks Does Not Fully Address Vulnerability in GlobalProtect SSL VPN Solution

Palo Alto Networks has published an advisory about its Palo Alto GlobalProtect SSL VPN solution which is used by many organizations. The advisory was a response to research carried out by Orange Tsai ...
Bleeping Computer

New wave of VPN login attempts targets Palo Alto GlobalProtect portals

A campaign has been observed targeting Palo Alto GlobalProtect portals with login attempts and launching scanning activity against SonicWall SonicOS API endpoints. The activity started on December 2nd ...
CRN

Ingram Micro Attack Did Not Involve GlobalProtect VPN: Palo Alto Networks

The VPN was not ‘the source of the vulnerability or impacted’ in the ransomware attack against distribution giant Ingram Micro, Palo Alto Networks says. Reports connecting the GlobalProtect VPN system ...
Ars Technica

Researchers wait 12 months to report vulnerability with 9.8 out of 10 severity rating

About 10,000 enterprise servers running Palo Alto Networks’ GlobalProtect VPN are vulnerable to a just-patched buffer overflow bug with a severity rating of 9.8 out of a possible 10. Security firm ...