Connect with us

Cyber Crime

U.S. Agency Flags and Warns of Two Vulnerabilities in Palo Alto Networks

Cyber Crime

How Infostealer Malware Can Devastate Your Digital Life

Cyber Crime

Top 10 Daily Cybercrime Brief by FCRF [18.12.2024]: Click here to Know More

Cyber Crime

Bengaluru Man Exposes New Taxi Scam Using Fake Uber App to Overcharge Passengers

Cyber Crime

Top 10 Daily Cybercrime Brief by FCRF [17.12.2024]: Click here to Know More

Cyber Crime

Cybercriminals Set Their Sights on SAP: The New Goldmine for Hackers

Cyber Crime

How Cybercriminals Are Hijacking YouTube Accounts To Spread Crypto Scams

Cyber Crime

Fake ‘High-Salaried Manager’ Exposed: Ex-Security Guard Dupes Women on Matrimonial Sites for 7 Years

Cyber Crime

Top 10 Daily Cybercrime Brief by FCRF [16.12.2024]: Click here to Know More

Cyber Crime Trending

Top 10 Daily Cybercrime Brief by FCRF [15.12.2024]: Click here to Know More

Cyber Crime Policy Watch

Delhi High Court Urges States, UTs, and Intermediaries to Join I4C’s SAHYOG Portal to Combat Cybercrime

Cyber Crime Trending

Top 10 Daily Cybercrime Brief by FCRF [14.12.2024]: Click here to Know More

Cyber Crime Policy Watch

8-Year-Old Boy Honored as Cyber Safety Ambassador in Eluru’s Innovative Program

Cyber Crime

Dream Job or Nightmare? How a Fake IBM Offer Could Empty Your Bank Account

Cyber Crime

Noida Police Crackdown: 76 Arrested, Call Centre Seized in Tech Support Fraud Targeting Americans

Crime Cyber Crime

796 Arrested in Massive EU Cyber Police Crackdown Against Organized Crime Across 26 Countries

Cyber Crime Trending

Top 10 Daily Cybercrime Brief by FCRF [13.12.2024]: Click here to Know More

Cyber Crime

Scammers Exploit PAN 2.0 Rollout with Multiple Fraud Schemes: Stay Alert!

Cyber Crime

Prescription for Disaster: Doctor Hands Over Rs 11 Crore to Crypto Con Artists

Cyber Crime

Hackers Target Big Corporations as Ransom Payouts Shrink, Moody’s Warns of Rising Risks

Cyber Crime Trending

Top 10 Daily Cybercrime Brief by FCRF [12.12.2024]: Click here to Know More

Cyber Crime

Mastermind Behind 'Digital House Arrest' Scam Apprehended by Uttarakhand STF

Cyber Crime Policy Watch

Mahakumbh 2025: How CM Yogi’s Task Force Is Fighting AI Scams and Cyber Fraud

Cyber Crime

From Fake Fines to Phishing: New Scam Targets UAE Residents During Festive Season

Cyber Crime

Delhi Police’s Official X (Twitter) Handle Hacked, Transformed Into ‘MagIC Edem’

Cyber Crime

Top 10 Daily Cybercrime Brief by FCRF [11.12.2024]: Click here to Know More

Cyber Crime

New UPI Scam Alert: Police Advisory Reveals How to Stay Safe

Cyber Crime

Top 10 Daily Cybercrime Brief by FCRF [10.12.2024]: Click here to Know More

Cyber Crime

Operation Thiraineeku: Tamil Nadu Police Nab 70 Cybercriminals in 3 Days

Cyber Crime Trending

Top 10 Daily Cybercrime Brief by FCRF [08.12.2024]: Click here to Know More

Cyber Crime

Cybercrime Alert: Digital Arrest Scam Busted by Uttarakhand STF, Rs 45.4 Lakh Recovered

Cyber Crime

Mother-Daughter Duo Trapped in Digital Arrest, Duped of Rs 36.58 Lakh

Cyber Crime

Hackers Use Fake Video Conferencing Apps to Deploy ‘Realst’ Malware, Targeting Web3 Professionals

Bureaucracy Cyber Crime

Court Orders FIR Over Alleged Hateful Social Media Posts on Ex-IPS Officer's Plea

Cyber Crime Trending

Top 10 Daily Cybercrime Brief by FCRF [07.12.2024]: Click here to Know More

Cyber Crime

Kolkata Police Busts International Cybercrime Racket: 17 Arrested, Rs 245 Crore Swindled, Funds Routed Through Sri Lanka to Dubai via Cryptocurrency

Cyber Crime Trending

Top 10 Daily Cybercrime Brief by FCRF [06.12.2024]: Click here to Know More

Cyber Crime

China’s Cyber-Offense Ecosystem: A Global Threat in the Making

Cyber Crime

Hacking Democracy: Romanian Elections Hit by Massive Cyber Intrusions

Cyber Crime

Massive Police Crackdown: 50+ Servers Seized, 200 TB of Digital Evidence Secured, 2 Suspects Arrested

Cyber Crime

Man Sentenced to 13 Years in Jail for Global Romance Scam and Money Laundering

Cyber Crime Uncategorized

FBI Urges Americans to Switch to Encrypted Apps Amid Unprecedented Cyberattacks

Cyber Crime

Death Penalty or Rs. 75000 Crore : Vietnam Tycoon’s Race Against Time in Rs 2.24 Lakh Crore Fraud Scandal

Cyber Crime

Cyber Crime Police Investigate Woman Accused of Defrauding Money Exchange Company

Cyber Crime

Crypto Crackdown : Authorities Dismantle Russian Money-Laundering Network Using Tether

Cyber Crime Trending

Top 10 Daily Cybercrime Brief by FCRF [05.12.2024]: Click here to Know More

Cyber Crime

Two Chartered Accountants Arrested in Rs 640 Crore Cyber Fraud: All Eyes on ICAI’s Response as Regulator

Cyber Crime Uncategorized

Hackers Swipe Rs. 12, 500 crores in Crypto So Far in 2024

Cyber Crime Trending

Top 10 Daily Cybercrime Brief by FCRF [04.12.2024]: Click here to Know More

Cyber Crime

Police Crack Down on MATRIX: Encrypted Communication Platform Used by Criminals, 23 Lakh Crime Messages Intercepted

Cyber Crime

UK Hospital Hit by Cyber Attack: Critical Medical Services Disrupted, IPD and OPD Shift to Manual Operations

Cyber Crime

Apple Faces Legal Action in USA Over Alleged Employee Surveillance Scandal!

Cyber Crime

Indian Restaurant Reservation Platform EazyDiner Hit by Cyber Attack: Sensitive Customer Data Leaked!

Cyber Crime Trending

Top 10 Daily Cybercrime Brief by FCRF [03.12.2024]: Click here to Know More

Cyber Crime

Agra Cyber Cops Bust Rs 110 Crore International Fraud Syndicate: 5 Arrested, Rs 13 Lakh Recovered

Cyber Crime

Mumbai Woman Blackmailed in ‘Digital Arrest’ Scam: Stripped and Scammed of Rs 1.78 Lakh

Cyber Crime

15 SpyLoan Malware Apps with 8 Million Downloads Found on Google Play

Cyber Crime

U.S. Agency Flags and Warns of Two Vulnerabilities in Palo Alto Networks

Published

1 month ago

on

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently issued a warning about two newly exploited vulnerabilities affecting Palo Alto Networks’ Expedition tool.

These flaws have been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog, mandating that Federal Civilian Executive Branch (FCEB) agencies implement the recommended updates by December 5, 2024.

The security vulnerabilities identified are:

  • CVE-2024-9463: A critical OS Command Injection vulnerability in Palo Alto Networks Expedition, with a CVSS score of 9.9.
  • CVE-2024-9465: A SQL Injection vulnerability, scoring 9.3 on the CVSS scale.

ALSO READ: Nominations Open for ‘Women in Cyber’ Honors at FutureCrime Summit 2025

If exploited, these vulnerabilities allow attackers to execute arbitrary OS commands as root within the Expedition migration tool or access its database.

This could lead to exposure of sensitive data, including usernames, plaintext passwords, device configurations, and API keys associated with PAN-OS firewalls. Attackers may also be able to create and access arbitrary files on affected systems.

Palo Alto Networks initially addressed these issues in an October 9, 2024, update and later revised its advisory to confirm active exploitation of CVE-2024-9463 and CVE-2024-9465 as reported by CISA.

However, details about the threat actors involved or the scale of the exploitation remain limited.

This announcement follows a previous CISA alert about CVE-2024-5910, another serious vulnerability in Expedition with a CVSS score of 9.3, actively exploited as of last week.

ALSO READ: FutureCrime Summit: Biggest Conference on Cyber Crimes Set to Return on February 13-14, 2025, in New Delhi

Additionally, Palo Alto Networks reported detecting limited exploitation of an unauthenticated remote command execution vulnerability impacting some firewall management interfaces exposed to the internet.

While the vulnerability has not yet been assigned a CVE identifier, it holds a CVSS score of 9.3. The company is actively investigating and aims to release patches and threat prevention signatures soon.

Follow The420.in on

 TelegramFacebookTwitterLinkedInInstagram and YouTube

Related Topics:
Continue Reading