CVE-2024-3400: Critical Palo Alto PAN-OS Command Injection Vulnerability Exploited by Sysrv Botnet’s XMRig Malware On Friday, April 12, 2024, Palo Alto Networks PAN-OS was found to have an OS command injection vulnerability (CVE-2024-3400). Due to its severity, CISA added it to its Known Exploited Vulnerabilities Catalog. Shortly after disclosure, a PoC was published. We have identified several attempts to exploit this vulnerability with the intent to install XMRig malware for cryptocurrency mining. Cato’s sophisticated multi-layer detection and mitigation engines have successfully intercepted ..read more

How Cato Uses Large Language Models to Improve Data Loss Prevention Cato Networks has recently released a new data loss prevention (DLP) capability, enabling customers to detect and block documents being transferred over the network, based on sensitive categories, such as tax forms, financial transactions, patent filings, medical records, job applications, and more. Many modern DLP solutions rely heavily on pattern-based matching to detect sensitive information. However, they don’t enable full control over sensitive data loss. Take for example a legal document such as an NDA, it may contain ce ..read more

The Cato Socket Gets LTE: The Answer for Instant Sites and Instant Backup Every year, Bonnaroo, the popular music and arts festival, takes over a 700-acre farm in the southern U.S. for four days. While the festival is known for its diverse lineup of music, it also offers a unique and immersive festival experience filled with art, comedy, cinema, and more. For the networking nerds among us, though, the festival might be even more attractive as a stress test of sorts. The festival is held in a temporary, rural location. There is no fixed internet connection to support the numerous vendors. And t ..read more

Women in Tech: A Conversation with Cato’s Shay Rubio For International Women’s Day (March 8, 2024), the German language, software news site, entwickler.de, interviewed Cato product manager Shay Rubio about her journey in high tech. Here’s an English translation of that interview: When did you become interested in technology and what first got you interested in tech? I’m a curious person by nature and I was always intrigued by understanding how things work. I think my interest in technology was sparked during my military service in an intelligence unit, which revolved around understanding cyber ..read more

When SASE-based XDR Expands into Network Operations: Revolutionizing Network Monitoring Cato XDR breaks the mold: Now, one platform tackles both security threats and network issues for true SASE convergence. SASE, or Secure Access Service Edge, represents the core evolution of today’s enterprise networks converging network and security functions into a single, unified, cloud-native architecture. Today's global work-from-anywhere model amplifies this need for IT to have centralized management of both network connectivity and comprehensive security. While simply said, comprehensive security enta ..read more

Winning the 10G Race with Cato The Need for Speed The rapidly evolving technology and digital transformation landscape has ushered in increased requirements for high-speed connectivity to accommodate high-bandwidth application and service demands.  Numerous use cases, such as streaming media, internet gaming, complex data analytics, and real-time collaboration, require we go beyond today’s connectivity trends to define new ones.  Our ever-changing business landscape dictates that every transaction, every bit, and every byte will matter more tomorrow than it does today, so these use c ..read more

Outsmarting Cyber Threats: Etay Maor Unveils the Hacker’s Playbook in the Cloud Era The Cloud Conundrum: Navigating New Cyber Threats in a Digital World In an era where cyber threats evolve as rapidly as the technology they target, understanding the mindset of those behind the attacks is crucial. This was the central theme of a speech given by Etay Maor, Senior Director of Security Strategy, of Cato Networks at the MSP EXPO 2024 Conference & Exposition in Fort Lauderdale, Florida. Titled, “SASE vs. On-Prem A Hacker’s Perspective,” Maor’s session provided invaluable insights into the sophis ..read more

XZ Backdoor / RCE (CVE-2024-3094) is the Biggest Supply Chain Attack Since Log4j A severe backdoor has been discovered in XZ Utils versions 5.6.0 and 5.6.1, potentially allowing threat actors to remotely access systems using these versions within SSH implementations. Many major Linux distributions were inadvertently distributing compromised versions. Consult your distribution's security advisory for specific impact information. While the attacker's identity and motivation remain unknown, the sophisticated and well-hidden nature of the code raises concerns about a state-sponsored attacker. Cato ..read more

When Patch Tuesday becomes Patch Monday – Friday If you’re an administrator running Ivanti VPN (Connect Secure and Policy Secure) appliances in your network, then the past two months have likely made you wish you weren't.In a relatively short timeframe bad news kept piling up for Ivanti Connect Secure VPN customers, starting on Jan. 10th, 2024, when critical and high severity vulnerabilities, CVE-2024-21887 and CVE-2023-46805 respectively, were disclosed by Ivanti impacting all supported versions of the product. The chaining of these vulnerabilities, a command injection weakness and an authent ..read more

WANTED: Brilliant AI Experts Needed for Cyber Criminal Ring In a recent ad on a closed Telegram channel, a known threat actor has announced it’s recruiting AI and ML experts for the development of it’s own LLM product. Threat actors and cybercriminals have always been early adapters of new technology: from cryptocurrencies to anonymization tools to using the Internet itself. While cybercriminals were initially very excited about the prospect of using LLMs (Large Language Models) to support and enhance their operations, reality set in very quickly – these systems have a lot of problems and are ..read more