Palo Alto Networks

WEF warned of impending cyber pandemic

The WEF experts warned about the impending cyber pandemic and called for new approaches to risk management associated with the development of next generation technologies. y 2025, next-generation technologies such as ubiquitous connectivity, artificial intelligence, quantum computing or new approaches to identity and access management could overwhelm the defences and lead to a global cyber pandemic, experts at the World Economic Forum’s Cybersecurity Centre predict. The World Economic Forum’s Centre for Cybersecurity has created a community of security and technology leaders to identify future global risks from next-generation technology in order to avert a cyber pandemic. In this regard, the WEF, together with the Oxford Martin School at the University of Oxford, launched an initiative called Future Series: Cybercrime 2025, …

WEF warned of impending cyber pandemic Read More »

WEF warned of cyber pandemic

PgMiner botnet attacks poorly protected PostgreSQL DBs

Palo Alto Networks has discovered the PgMiner botnet, which attacks and breaks into poorly protected PostgreSQL DBs in order to install miners. A new Linux-based cryptocurrency mining botnet exploits PostgreSQL’s Remote Code Execution (RCE) vulnerability, which compromises cryptojacking database servers. Cryptojacking (or simply malicious coin mining) is a common way for malware authors to monetize their operations. Palo Alto Networks has named the new cryptocurrency mining botnet “PGMiner” after its delivery channel and mining mode. The PgMiner botnet operates according to a well-known and well-established by criminals scheme: it randomly selects a range of IP addresses (for example, 18.xxx.xxx.xxx) and then enumerates all parts of this range looking for systems with an open port 5432 (PostgreSQL). PostgreSQL is one of …

PgMiner botnet attacks poorly protected PostgreSQL DBs Read More »

PgMiner attacks PostgreSQL DBs

US cyber command warned about dangerous vulnerability in PAN-OS

The US cyber command warned that in PAN-OS was discovered a dangerous vulnerability and that soon government hack groups are likely to start using it. AN-OS is an operating system running on firewalls and corporate VPN devices, manufactured by Palo Alto Networks. The cause for concern is really serious: the CVE-2020-2021 vulnerability is one of those rare errors that get 10 out of 10 points on the CVSSv3 vulnerability rating scale. Such score means that the vulnerability is easy to use, its operation does not require serious technical knowledge, and it can also be used remotely via the Internet, and attackers may not have any “fulcrum” on the target device. “From a technical point of view, the vulnerability is an …

US cyber command warned about dangerous vulnerability in PAN-OS Read More »

dangerous vulnerability in PAN-OS

Hoaxcalls botnet attacks Grandstream devices

Palo Alto Networks experts warn that the Hoaxcalls botnet attacks the recently fixed vulnerability in the Grandstream UCM6200 series devices. he Hoaxcalls botnet is built on the source code of the Gafgyt/Bashlite malware and is mainly used for DDoS attacks. “The malware is built on the Gafgyt/Bashlite malware family codebase, which we have dubbed “Hoaxcalls”, based on the name of the IRC channel used for command and control (C2) communications, and is capable of launching a variety of DDoS attacks based on the C2 commands received.”, — write Palo Alto Networks researchers. The issue in question has the identifier CVE-2020-5722 and is rated as critical (9.8 points on the CVSS vulnerability rating scale). The vulnerability is related to the HTTP …

Hoaxcalls botnet attacks Grandstream devices Read More »

Hoaxcalls botnet attacks Grandstream
Scroll to Top