A significant spike in scanning activity targeting Palo Alto Network GlobalProtect login portals has been observed, with ...

William & Mary's Virtual Private Network (GlobalProtect) allows for secure remote access to William & Mary's technology resources. It is now available to all W&M faculty, staff, and students. All W&M ...

Nearly 24K unique IP addresses have attempted to access portals in the last 30 days, raising concerns of imminent attacks ...

It has been specifically designed to commit brute-force attacks on products including SonicWall NetExtender, Cisco AnyConnect, Palo Alto GlobalProtect, Fortinet SSL VPN, and WatchGuard SSL VPN.

GreyNoise warns of a coordinated effort probing the internet for potentially vulnerable Palo Alto Networks GlobalProtect instances.

The endpoints being targeted include SonicWall NetExtender, Palo Alto GlobalProtect, Cisco AnyConnect, Fortinet SSL VPN, Citrix NetScaler (Citrix Gateway), Microsoft RDWeb (Remote Desktop Web ...

Palo Alto GlobalProtect, Cisco AnyConnect, Fortinet SSL VPN, Citrix NetScaler (Citrix Gateway), Microsoft RDWeb (Remote Desktop Web Access), and WatchGuard SSL VPN. The framework searches for ...

Researchers are tracking a significant surge in login scanning activity targeting Palo Alto Networks (PAN) firewalls.

For GreyNoise, there is no doubt that this is a malicious campaign. Of the 24,000 unique IP addresses that scanned Palo Alto devices, 154 were labeled as “malicious” beyond reasonable doubt, while the ...