Palo Alto Networks Under Siege: Brute-Force Attacks Target GlobalProtect Portals!

Palo Alto Networks is witnessing brute-force login attempts on PAN-OS GlobalProtect gateways. This comes after warnings of increased suspicious login scanning activity. Despite the login frenzy, there’s no evidence of vulnerability exploitation. So, is it a global hacker Zumba class or just overly enthusiastic password guessers? Stay tuned for updates!

3P
Published: April 11, 2025 9:17 amAdded: April 11, 2025 at 2:51 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Looks like cybercriminals are playing a high-stakes game of “Guess My Password” with Palo Alto Networks’ GlobalProtect gateways. Spoiler alert: It’s not “123456”.

Key Points:

  • Palo Alto Networks reports brute-force attacks on PAN-OS GlobalProtect gateways.
  • Threat actors began login scanning activity on March 17, 2025.
  • Peak activity involved 23,958 unique IP addresses.
  • Systems in the US, UK, Ireland, Russia, and Singapore are primarily targeted.
  • Key recommendations include updating PAN-OS and enforcing multi-factor authentication.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?