Zero Day Bug Found in Popular Firewalls
- Published 14 Apr 2024
- In this video I discuss the critical command injection vulnerability in PAN-OS (used on Palo Alto Networks firewalls) that is being actively exploited and how you can secure yourself against this threat.
My merch is available at
based.win/
Subscribe to me on Odysee.com
odysee.com/@AlphaNerd:8
whats with all the vulnerabilities being found this month
Jacky be hacky
@@johnsmith8981
Stop deifying AI, it's a tech bubble fed by illegally scraped data and nothing more.
Better than feds and other "cyber security specialists" exploiting them as zero days under the radar
The XZ exploit sparked everyone to check their defences again.
@@johnsmith8981 I am sure cyber security companies would be able to use AI as well for their systems so it's unlikely that would happen
It’s hilarious that this takes place over the device telemetry channel, AKA the spyware that Palo Alto highly encourages you to not opt out of
because it collects errors 🤯🤯🤯🤯🤯🤯🤯🤯🤯🤯🤯🤯
@@JacobyB It collects errors. Good thing bugs are features and not errors.
It doesn’t matter if telemetry is on or not
@@ARCNSPUDS Palo specifically recommended in their advisory that you disable telemetry to mitigate the issue, I’m sure you know better than them
@@jonahkrompart Nah, there was an update from PANW which states that telemetry does not need to be enabled for this CVE to be exploited.
State sponsored threat actors seething hard rn.
This
No, I am fine
@@TheSuperBoyProjectBeing on unemployment benefits doesn't count as "state sponsored"
@@spacemeter3001 topkek
@@spacemeter3001 lmao gg
That feeling when the firewall glows brighter than the fire...
Don't worry, my firewall has a firewall.
good luck pal i'm 7 firewalls deep
Yo dawg I heard you liked firewalls so I got your firewall a firewall
firewall²
it doesn't matter if they are on a same network and one of them can be compromised
Firecube
This isn't a 0-day, this is an alphabet soup agency backdoor
Month of vulnurabs
Yeah wtf is happening?
@@Alfred-Neuman these are found all the time. people have just been making more videos of them lately
NSA must be seething this month
Lol
Seeding***
It was over for Palo Alto once Professor Messer stopped working there
Context?
Back door insisted by the glowies
I work in cybersec, got this one on my desk under NDA very late march. Patch was out when they announced it to the rest
in 2016 we were only discovering maybe 10K-30K CVE's a year.
in 2022 we were discovering 100,000 CVEs a year.
in 2024 we're discovering 4x the amount of CVEs a year.
good luck blue team. this year is gonna be hell for you. 😭😭
get out of infosec, it's an overworked industry and it will only get worse. bad career choice. like videogaming industry.
@@rohanofelvenpower5566 lol with that mindset, I wonder what insecure world would we live in then. This actually give a survival bias, where in actual there is 'more' need of infosec than running out of it.
@@rohanofelvenpower5566 Isn't that exactly the reason to get into it?
@@markmonster3315 if you enjoy regular overtime, 10 hours shifts, sometimes and earning 5x less than some dude typing SQL commands at a bank for 10 hours a week, sure.
That is basically game dev industry, that is why i always say to new programmers to not do game dev.
I do not know about cybersec industry, maybe it is not as bad, since it is more boring than game dev.
The pay and working conditions of a programming job is proportional to how boring it is.
- me, 2024
@@rj7250a so the more boring something is, the better the pay and the better the work conditions?
I have a feeling you meant to say inversely proportional...
TLDR: Your firewall should have a firewall
I wanted an enterprise grade firewall for my home network so I could gain work experience with it. I couldn't afford any of them I saw and then loads of flaws in them were announced. I then bought a workstation/server and installed OpenBSD on it and love it.
@GhOs7-Operator WiFi isn't very good under OBSD but I used an old Asus router for that, which is connected to my firewall through an Ethernet cable and I have no problems there either. I put 16GB ECC RAM in (this was 2015) which I know is much more than would be needed but it let me set up part of it as a RAM disk so the SSD drive is almost only used during boot ups and software updates to help it last longer.
I'm responsible for a pair of Fortigate appliances. We've had to patch out vulnerabilities before but we generally stay on top of it. While we are attacked relentlessly and constantly, we've so far never had a breach (at least not that we know of yet). What's frustrating, is I can't get upper management to take anything seriously, so we have a weak backup policy and no budget to do anything.
They'll learn once they get compromised
Maybe sell it to them like an insurance policy, you rather pay some money in order not to become bankrupt, in case it does go bad
Because this would be the worst possible outcome.
@@spacemeter3001 hopefully, but some still don't
I manage one at work and a personal one at home.
We’ve closed off as much as we can and enabled 2FA on basically everything but with how bad exploits have gotten over the past few years, I take a zero tolerance policy towards updating.
If a new update drops, I send out an email saying internet will be offline for about 5 minutes at the end of the day and the only one that can tell me any different is my boss’s boss.
When you wonder if it's a bug or a feature...
???
Schizo moment
@@gandalfdaking glowie moment
It's always something, isn't it?
Keeps me employed!
@@_ruddegar pretty much why this shit is happening lmao. more jobs I guess
@dinguscollective1872 lol you might be on to something.
funnily enough, the Security+ certificate which is considered fundamental cert, provided by CompTIA, actually calls out that security controls themselves have the possibility to be vulnerable and open to attack vectors.
Nice walkthrough. Thank you.
Thank you for the video
It's funny how I was looking at this in the morning & now you published a video about it.
Excellent video 👍 Thank you 💜
Your security vulnerability discovery videos are my favorite
oh that swag "Won't fix" still gives me chuckle
Vulnerabilities playing April fools the entire month
The number of bugs in our systems is TOO DAMN HIGH!
More of these videos would be appreciated
Hacking into someone’s router is the equivalent of “I’m in your walls”
Oh another RCE/hard coded credentials vulnerability? Gee Palo Alto you sure do suck tonight.
We are on an older panos so we are fine :).
💥💥💥💥
Make a t-shirt with Monero-chan looking cute and I will buy one
💀
He should make one where her bare feet and them toes are visible 😛🦶👡
I thought he made a bunch long time ago...
couple months ago there was fortinet that had a vulnerability
"D-disable telemetry to g-get it to stop? John you're smart, will the breach or disabling telemetry lose us more money?
"Sir, the telemetry is for just the employees"
"Then it's more valuable!!!"
"..."
hmmm...... Disable Telemetry.......
who'da thunk?
That hacker in the beginning wearing the mask looks like he was mixing and spinning some vinyl.
Looooool
I'm too easily amused "please like and share it"
Nice little animation around the like button... Who knows how long this has been a thing but neato
Any hospital or med facility I go to all have Palo Alto’s 😂
Critical RCE Theory
microsoft SSH man is the harambe of the NSA
I wonder if this is how my university I go to got hacked into. Whoever it was critically damaged or wiped all the virtual machines and had access to tons of private information.
GOOD MORNING SIRS PLEASE REMIND TO DO THE NEEDFUL AND SFC /SCANNOW
not only Rust, also GO or c# was recommended
putty also has a vulnerability discovered where private keys can be exposed
nice one there
Vulns in all things held sacred - Linux, Rust, Palo...
That picture of Biden was epic :D
At the foothills of my IT career, it appears as though cybersecurity might be a viable and secure specialisation?
Quite hilarious that I received multiple alerts at work from this incident lmao
i blame Obama for these bugs
yes obama and the hackers are for sure russians
I'm still waiting for the medium form birth certificate.
Aaajhhhhh BuGs 😢
so then the exploit guard needed for this is something that can watch out the use of any commands on CSS file creation, or watching out the validity of the CSS creation itself.
"Security" products are bigger target than browsers...
WEF sponsored code
First you fix zee bugs, then you eat zee bugs.
Yooooooo, another one?!?!?!
Oh boy)
LOL i have worked in a bank that uses Palo alto Firewall, i wonder if they have telemetry on
third major bug this month, woo!
WOOOOOOO!!! 5 MILLION LEFT!!!
Firewall you had 1 job!
This video is a based win
CSS confirmed to be evil
Yes 😅
The cursed month
I wonder if you could build a toaster with out it being a smart appliance, do we have the technology or is it just a unattainable dream?
I don't even use a firewall on any of my GNU systems.
*1:44*
Can you do a video on kicksecure? Please 🙏
Once this stuff is used and smarter people integrate into an existing tools with more persistence, good luck.
Someone please tell me where did 0:21 come from. I have to know that 😭😭😭
It’s not exactly clear which name corresponds to which colors on the tor t shirts. Specifically confused about moondance and royal.
tf is up with all these vulnerabilities recently?
How is that gonna affect Stock Prices of palo. How big of a deal are we talking about.
What's up with series of critical bugs in the last month?
Are they making cyber false flag for force some laws?
What's happening?
government agencies stash of exploits getting discovered this month, huh...
linux exploit giving ring 0
xz
poorly escaped strings in windows
this
the windows one has been known of for a long time, getting a 10/10 CVE tagged on rust got it very famous very fast
just assume all your software has vulnerabilities
Wait, their WEB UI is running on a Read/Write File System? Thats just asking for trouble.
We have a LOT of 10/10 Critical CVEs these days
Again ? Are we doing good those days or bad ? not sure.
Can you make a don't mess with taxes shirt? on your store?
Tldr: It's because they didn't install McAfee
My employer uses PaloAlto and GlobalProtect for our VPN lol
This product has always been a risky product due to its surface. So not surprised at all. So why was the WEB port exposed in the first place ?!?! OMG LOL ROFL
The only thing keeping Java from being destroyed as it deserves is Minecraft. I tell ya, if I never have to use, or see Java again, I will feel true happiness.
Isn't the bedrock edition just Minecraft in C++ because of all the problems the Java edition caused? (Shitty GC, etc)
You can still find nice MC clones written in other languages as well
@@zyriab5797 No, I will never play that facsimile of what Minecraft is. The thing that made Minecraft great was BECAUSE it was written in a language like Java. Java is EASILY reverse engineered, and easily modded. That must stay in place for me to even consider it. Classicube comes CLOSE, but the fact that they restrict themselves to classic is very very unfortunate. Beta 1.7.3 is and has always been the best version of Minecraft. and things like Glowstone are so incomplete it isn't even worth it.
Chat, are we fucked?
Build your own Opnsense firewall. Problem sidestepped.
wsg
please correct the video, they updated the page, disabling telemetry does not mitigate the vulnerability!!!
Hevking first
See, the firewall vulnerabilities only affect you if you actually use a firewall. There is only one solution here.
Yo Kenny, why the hell does Google say you are a “Musical Artist”? Drop the beats, homie.
This is going to keep the cybersecurity team at my company pulling their hair out as we use global protect. Glad I am not them.
Not really… just disable telemetry, apply threat content updates, or upgrade the OS
Welp lets see this shit
Pullo Alto lol
I think Palo Alto is losing control of their code base maintainability.
bro what is going on rn with all the exploits
@MO - "Gay Agenda"
Do firewalls stop DDoS?
Which cloud?
Wow so deep
I definitely watched the entire videos
ur mmmummmmmmm
pula
you really need to take care of your comment section. full of bots and spammers.
Firewall situation and Imma1st
Don't take my comments seriously. It's only a meme
Everybody is getting on the hype train for Rust thinking it's the magic bullet to all their problems. Just like Java was the magic bullet back in the 2010s. It's idiotic to suggest a programming language can be the goto solution for solving security problems in software that is fundamentally not secure.