Video Episode: https://youtu.be/2Axl9hycFN4
In today’s episode, we explore the ongoing attack campaign that has compromised over 2,000 Palo Alto Networks devices due to new security vulnerabilities (CVE-2024-0012 and CVE-2024-9474) and implications for enterprises. We also discuss a critical design flaw in Fortinet’s VPN that allows successful brute-force attacks to go undetected and the emergence of crypto scams on the rapidly growing BlueSky platform. Finally, ESET researchers reveal two newly discovered Linux backdoors, WolfsBane and FireWood, associated with the China-aligned APT group Gelsemium, highlighting the increasing focus on Linux malware.
Article Links:
1. https://www.cybersecuritydive.com/news/palo-alto-networks-consolidation-momentum/733612/
2. https://www.bleepingcomputer.com/news/security/fortinet-vpn-design-flaw-hides-successful-brute-force-attacks/
3. https://www.bleepingcomputer.com/news/security/now-bluesky-hit-with-crypto-scams-as-it-crosses-20-million-users/
4. https://www.helpnetsecurity.com/2024/11/21/linux-backdoors-wolfsbane-firewood/
Music: https://youtu.be/B4gk5tWMvyY?si=q_JjohozMBH7XPNe
Timestamps
00:00 – Introduction
01:04 – Palo Alto
02:01 – Fortinet
03:28 – Bluesky
05:05 – Linux Backdoors
1. What are today’s top cybersecurity news stories?
2. How many Palo Alto Networks devices have been compromised in recent attacks?
3. What vulnerabilities have been exploited in the Palo Alto Networks attack campaign?
4. What issue has been identified in Fortinet’s VPN server logging mechanism?
5. How are scams proliferating on the BlueSky social media platform?
6. What are the characteristics of the newly discovered Linux backdoors, WolfsBane and FireWood?
7. What actions are being taken by BlueSky’s safety team to combat increased scams?
8. How is Palo Alto Networks responding to the recent security flaws and attacks?
9. What are the potential risks posed by Fortinet’s VPN design flaw?
10. What trends are emerging in the cybersecurity landscape regarding Linux malware?
Palo Alto Networks, vulnerabilities, unauthorized access, platformization, Fortinet, VPN, vulnerability, brute-force, BlueSky, scammers, decentralized, crypto, WolfsBane, FireWood, Gelsemium, cyberespionage,
Leave a Reply