Palo Alto Panic: 500% Spike in Scanning Spooks Cybersecurity Pros!
GreyNoise detected a whopping 500% increase in IP addresses scanning Palo Alto Networks login portals! With 93% labeled suspicious and 7% malicious, the scanners are having a field day. GreyNoise noted this Palo Alto surge shares characteristics with recent Cisco ASA scanning. Make sure your software is up to date, folks!
Hot Take:
It seems the cyber world is buzzing with excitement, and not the good kind! With a spike in scans targeting Palo Alto Networks, it’s like a cyber paparazzi party, and everyone’s invited—except without the red carpet. If Palo Alto’s login portals had a privacy setting, they’d be screaming for help right now. GreyNoise’s latest scoop is like a juicy tabloid story, but instead of celebrities, it’s IP addresses that are stealing the spotlight. Someone call the cybersecurity bouncers because this party is getting out of hand!
Key Points:
- GreyNoise reports a 500% increase in IP addresses scanning Palo Alto login portals.
- 1,300 unique IP addresses involved, with 93% labeled suspicious.
- Most IPs are clustered in the U.S., with others in the U.K., Netherlands, Canada, and Russia.
- Similarities noted with recent Cisco ASA scanning activities.
- Scan surges often precede new CVE disclosures.