Infosecurity-magazine.com

Palo Alto's GlobalProtect VPN Spoofed to Deliver New Malware Variant

Palo Alto Networks has observed that GlobalProtect, its virtual private network (VPN) software, was leveraged to deliver a new variant of the WikiLoader loader malware. In a report published on ...
heise online

Palo Alto Globalprotect: Malicious code weakness via weak certificate validation

Palo Alto Networks Globalprotect app is used to establish VPN connections. A vulnerability allows attackers to inject malicious code and install it on vulnerable computers with elevated privileges. In ...
Ars Technica

Researchers wait 12 months to report vulnerability with 9.8 out of 10 severity rating

About 10,000 enterprise servers running Palo Alto Networks’ GlobalProtect VPN are vulnerable to a just-patched buffer overflow bug with a severity rating of 9.8 out of a possible 10. Security firm ...

Rogue VPN servers used to spread malware via malicious updates

Researchers from AmberWolf find two flaws in popular VPN products Flaws can be abused to get the VPNs to connect to malicious ...