VPN PAN-OS vuln mitigation howler: “Disabling telemetry” no help POCs for CVSS 10 bug are out of the bag, tens of thousands are exposed, and telemetry mitigation didn't work.
VPN Palo Alto Networks: CVSS 10 bug in Pan-OS is being exploited in the wild Patch? You'll need to wait until Sunday. Turn off telemetry (no, really; it's a mitigation!) and go to the pub. OK, maybe don't.
Fortinet Fortinet patches MORE pre-auth RCEs, with exploits reported. Ivanti also slips out a fresh VPN fix... "Disable SSL VPN (disable webmode is NOT a valid workaround..."
networks Opinion: It's time to level up the network for the hybrid workforce "Enterprises are deploying a mix of technologies for secure remote access, including VPN, ZTNA, SD-WAN and SASE – on average respondents are using 2.3 different solutions, but..."
Cybersecurity Ivanti VPN appliance exploitation now happening at scale VPN appliances "all appear to have been constructed with the code equivalent of string, stamped with the word ‘secure’ and then just left to decay for 20 years..."
0days Why firewalls, VPNs and hypervisors are a hacker's new favourite target TTPs and telemetry suggest a real focus on zero days and appliances by Chinese APTs.
Cybersecurity The slow demise of the VPN: 5 lessons from DoD's Zero Trust framework From culture to SASE, DevSecOps to network segmentation
Cybersecurity Hackers <3 VPN bugs: Fix this pre-auth RCE bug in SonicWall VPNs asap Patch, patch, patch...
Cybersecurity Critical pre-auth RCE revealed in Palo Alto Networks' GlobalProtect Wait, what? (Patch this one urgently...)
Cybersecurity Colonial Pipeline hackers gained access via unprotected VPN account: password leaked, no MFA 1 password leaked; 1 pipeline down...