Bridging the gap: Security & Compliance

Some CISOs fear auditors more than they fear actual hackers… Compliance has become a crucial focus with the implementation of regulations like the GDPR, CCPA, and various global data privacy directives. But whilst many organizations have rightfully turned their focus to said compliance, does it actually ensure better (cyber)security?

CVE-2024-3400 PAN-OS: OS Command Injection Vulnerability in GlobalProtect

Palo Alto Networks published vulnerability CVE-2024-3400 that allows unauthenticated command injection (RCE) in the GlobalProtect feature of Palo Alto Networks PAN-OS software. Specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall.