CISA Warning Activated by Firewall Bug

  • By Steven
  • Aug 26, 2022

Digital miscreants are currently ambushing PAN-OS. The Palo Alto Networks' creation is undergoing immediate patching. The software that runs the firewalls is being attacked, spurring the United States Cybersecurity and Infrastructure Security Agency, or CISA for short, to warn both government digital security specialists and those who work for the public to implement fixes. Federal agencies are advised that they should remedy the patch by the second week of September at the latest.

What is the Background of the Warning, and Why Should Businesses Care?

Palo Alto Networks implemented a quick repair for the bug, considered to be of high severity. The bug officially referred to as CVE-2022-0028, was addressed earlier this month. The bug was prone to exploitation by threat actors. 

The flaw can be taken advantage of by remote hackers to execute unique denial-of-service (DoS) attacks of the reflected variety. This approach ensures there is no need to authenticate the targeted systems, meaning it could easily be replicated if hackers want to shift their focus to your business or computer.

How is the Flaw Exploited?

According to representatives from Palo Alto Networks, the group responsible for maintaining the flaw, it is only possible to exploit it on specific systems and when certain conditions exist. The company's spokesperson also noted that the susceptible systems are not a component of a firewall configuration. 

Subsequent aggressions designed to exploit the weakness have the potential to occur, yet they have not. There is also the potential that such attacks have occurred, and the public has not been notified yet.

Has the Bug Been Highlighted for Posterity's Sake?

Indeed, CISA has added the bug to the list of Known Exploited Vulnerabilities, also referred to as the KEV catalog. The bug was added to the list this past Monday. The catalog is best described as a carefully structured collection of weaknesses susceptible to exploitation in what digital security professionals refer to as in the wild, meaning on publicly connected computers after extensive development. 

The KEV catalog is a list that the agency recommends parties in both the private and public sectors pay attention to facilitate remediation and decrease the chances of successful breaches down the line. Readers are encouraged to learn more about the industry’s latest digital security threats and protections.

What are Amplification and Reflective DoS Attacks all About?

DDoS attacks have gradually evolved as time has progressed. Volumetric attacks have rapidly increased in recent years. In particular, the magnitude of volumetric attacks has increased. Online miscreants are using specialized amplification and reflection attack strategies to take advantage of protocols, including CLDAP, SSDP, DNS, and NTP, for optimal impact. Though these attacks are not novel, they have become much more common in recent years.

Successful DDoS attacks knock businesses off the web, take a chunk out of revenue and steer customers toward the competition. Amplified and reflective varieties of these attacks have the potential to generate that much more disruptive traffic. Such an attack empowers adversaries to maximize the harmful traffic that occurs when concealing the initial points of the traffic used to levy the attack. 

The cyber attack used in the Palo Alto Networks example described above occurs when a miscreant transmits spoofed SYN-style packets switching out the original IP address with that of a victim. A victim who fails to respond triggers the retransmission of the packet, spurring the aforementioned amplification. The hackers altered the amplification of the aggression by retransmitting SYN=ACK through reflection, maximizing the impact even more.

About the Author
IDStrong Logo

Related Articles

Instagram Vulnerability Allowed Hackers Access to Control Your Phone

Security experts Check Point Research discovered a critical vulnerability while examining Instagra ... Read More

Alien Malware Infects More than 226 Mobile Apps and Steals Bank Data

As reported on September 24, 2020, by ZDNet and ThreatPost, a new strain of malware named “A ... Read More

Universal Health Systems Hit by Ransomware Attack

Universal Health Systems (UHS), a Fortune 500 company owning more than 400 hospitals across the co ... Read More

Exchange Server Bug Exposes a Big Risk to Hackers

Months after Microsoft released a patch to fix a serious flaw in MS Exchange Server, more than 61% ... Read More

Clients’ Bank Data Exposed in Blackbaud Ransomware Attack

Blackbaud software was victim to a ransomware attack last May, and new information suggests that c ... Read More

Latest Articles

Regal Medical Group Data Breach Affects Patients of At Least Four Healthcare Providers

Regal Medical Group Data Breach Affects Patients of At Least Four Healthcare Providers

It's been less than a week since February 2023 started, yet we are, reading about a new medical breach. Over 90% of hospitals have admitted to being victims of data breaches.

Weekly Cybersecurity Recap February 3

Weekly Cybersecurity Recap February 3

Well, the last month has passed incredibly quickly and without much stir, which gives us hope for the next year. However, this month has been incredibly eventful in the world of cybersecurity.

Bell-Carter Foods Announced A Data Breach

Bell-Carter Foods Announced A Data Breach

Any large-scale company is at heightened risk of becoming the victim of a data breach. It doesn't always seem like the most obvious target; whether it's a power company, a grocer, or a chain restaurant, there is actually a lot of desirable information available from these companies' databases.

Featured Articles

How to Buy a House with Bad Credit

How to Buy a House with Bad Credit

Buying your own home is the American Dream, but it might seem out of reach to those with bad credit. However, the good news is, if your credit is less than perfect, you do still have options and in most cases, can still buy a home.

How Secure Is Your Password? Tips to Improve Your Password Security

How Secure Is Your Password? Tips to Improve Your Password Security

Any good IT article on computers and network security will address the importance of strong, secure passwords. However, the challenge of good passwords is that most people have a hard time remembering them, so they use simple or obvious ones that pose a security risk.

Top 10 Senior Scams and How to Prevent Them

Top 10 Senior Scams and How to Prevent Them

Senior scams are becoming a major epidemic for two reasons. First, seniors often have a lot of money in the bank from a life of working hard and saving.

Free Identity Threat Scan
Instantly Check if Your Personal Information is Exposed
All fields below are required
Please enter first name
Please enter last name
Please enter a city
Please select a state
Please enter an email address