Pointing to a computer screen. Image by Tim Sandle.
A recent CISA advisory of a high-severity PAN-OS DDoS flaw found in Palo Alto Networks’ PAN-OS has been announced. This warning has led to the flaw being added to the list of exploited vulnerabilities and allows a remote threat actor to deploy reflected and amplified denial-of-service (DoS) attacks without having to authenticate.
Looking into this issue for Digital Journal is Terry Olaes, Director of Sales Engineering at Skybox Security.
Olaes begins by charting the background to the security vulnerability and its discovery, noting: “Skybox Research Lab found that new vulnerabilities in the wild rose by 24 percent in 2022 and new vulnerabilities in operational technology (OT) products have risen 88 percent year over year, demonstrating just how quickly threat actors are moving to capitalize on an organization’s weaknesses.”
More specifically, with the newly discovered issue, Olaes notes: “In the case of CVE-2022-0028, CISA noted that this vulnerability allows a remote threat actor to deploy reflected and amplified denial-of-service (DoS) attacks without having to authenticate.”
The reason why issues like this…