Research only showed firewalls that have management interfaces exposed to the internet.
Fewer Palo Alto Networks firewalls were reported to have been compromised than originally reported.
According to The Hacker News, Censys revealed that it had identified 13,324 publicly exposed next-generation firewall management interfaces.
However Palo Alto Networks said that the actual number of infected devices is smaller than what was reported, as the research only showed firewalls that have management interfaces exposed to the internet.
In addition to working with affected customers, It also said a majority of its customers already follow industry best practices and secure their management interfaces, and only less than 0.5% of its firewalls have an internet-exposed interface.
The Operation Lunar Peek attack campaign involving the exploitation of authentication bypass and privilege escalation flaws - tracked as CVE-2024-0012 and CVE-2024-9474.
Written by
Dan Raywood
Senior Editor
SC Media UK
Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.
Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.
