Cybercriminals have been masquerading as sellers of GlobalProtect,[1] a virtual private network (VPN) software from Palo Alto Networks, and delivering a new variant of WikiLoader malware through search engine optimization (SEO) poisoning.
See: https://redskyalliance.org/xindustry/shifts-in-cyber-attack-tactics
WikiLoader, also known as WailingCrab, is a downloader malware first discovered in 2022 by Proofpoint. It's sold in underground marketplaces by initial access brokers, and hackers typica
Palo Alto Networks has released fixes for a zero-day vulnerability affecting its GlobalProtect VPN product that is being targeted following its disclosure last week. Hotfixes for the vulnerability labeled: CVE-2024-3400, were recently published, as promised in an urgent notice about the bug on 12 April. The zero-day carries the highest severity score possible of 10.[1]
Security company Volexity, which Palo Alto credited with discovering the bug, said it “is highly likely” the attacker behind t
