Palo Alto Networks PAN-OS:Authentication Bypass in SAML Authentication Vulnerability(PAN-148988)

Summary:   A critical advisory was released by Palo Alto Networks for PAN-OS. PAN OS is the software that runs all Palo Alto Networks next-generation firewalls.   Advisory Link: https://security.paloaltonetworks.com/CVE-2020-2021   Description:   Authentication Bypass vulnerability was found in SAML(Security Assertion Markup Language) Authentication. An unauthenticated network-based attacker can access protected resources due to improper verification of signatures in PAN-OS SAML authentication.    SAML Workflow  SAML … Continue reading “Palo Alto Networks PAN-OS:Authentication Bypass in SAML Authentication Vulnerability(PAN-148988)”

TOPSEC Firewall Exploit (ELIGIBLE CONTESTANT)

Abstract: Few days ago, an unknown threat actor, that goes by the name “The Shadow Brokers” leaked some highly sophisticated exploits. It is alleged that the exploits leaked by “The Shadow Brokers” belong to Equation Group – an elite cyber-attack group associated with the NSA. These leaked exploits work against many routers/firewalls from prominent vendors … Continue reading “TOPSEC Firewall Exploit (ELIGIBLE CONTESTANT)”