From The Hacker News – Palo Alto Firewalls Found Vulnerable to Secure Boot Bypass and Firmware Exploits

From The Hacker News – Palo Alto Firewalls Found Vulnerable to Secure Boot Bypass and Firmware Exploits

An exhaustive evaluation of three firewall models from Palo Alto Networks has uncovered a host of known security flaws impacting the devices' firmware as well as misconfigured security features. "These weren't obscure, corner-case vulnerabilities," security vendor Eclypsium said in a report shared with The Hacker News. "Instead these were very well-known issues that we wouldn't expect to see
From The Hacker News – Beware: Fake CAPTCHA Campaign Spreads Lumma Stealer in Multi-Industry Attacks

From The Hacker News – Beware: Fake CAPTCHA Campaign Spreads Lumma Stealer in Multi-Industry Attacks

Cybersecurity researchers are calling attention to a new malware campaign that leverages fake CAPTCHA verification checks to deliver the infamous Lumma information stealer. "The campaign is global, with Netskope Threat Labs tracking victims targeted in Argentina, Colombia, the United States, the Philippines, and other countries around the world," Leandro Fróes, senior threat research engineer at
From The Hacker News – Custom Backdoor Exploiting Magic Packet Vulnerability in Juniper Routers

From The Hacker News – Custom Backdoor Exploiting Magic Packet Vulnerability in Juniper Routers

Enterprise-grade Juniper Networks routers have become the target of a custom backdoor as part of a campaign dubbed J-magic. According to the Black Lotus Labs team at Lumen Technologies, the activity is so named for the fact that the backdoor continuously monitors for a "magic packet" sent by the threat actor in TCP traffic.  "J-magic campaign marks the rare occasion of malware designed