Skip to main content
Back to Blogs

Intelligence Digest

Vulnerability Opens the Door to Zero-Day Threats and Data Breaches – Skyhigh Security Intelligence Digest

April 29, 2024

By Rodman Ramezanian - Global Cloud Threat Lead, Skyhigh Security

High-severity vulnerabilities in legacy VPN systems across multiple vendors have sounded an alarm in cybersecurity circles. Businesses all over the world that use SSL VPN products from Ivanti, Fortinet, Cisco, Palo Alto Networks, and other vendors are prime targets for emerging threats and potential data breaches. By exploiting the inherent design flaws in internet-facing assets like firewalls and VPNs, attackers can gain access to networks and move laterally, potentially stealing sensitive data and compromising critical applications.

A vulnerability found within the Palo Alto Networks GlobalProtect VPN product is the most recent discovery, reported on by Volexity Threat Research in mid-April, 2024. By exploiting a security flaw in Palo Alto Networks PAN-OS, attackers gain full control with root privileges of the firewall and the VPN connectivity it facilitates. Without needing a username and password, attackers leverage the firewalls as an entry point to move laterally within targeted organizations. This zero-day threat has the highest possible severity score of 10 out of 10.

While patching these types of vulnerabilities is an essential short-term fix, adopting a Zero Trust architecture is one of the best ways to prevent exposure. Unlike traditional security architectures that rely on firewalls and VPNs, Zero Trust creates secure connections directly between users who work remotely, in branch offices, or at headquarters and the applications, workloads, and industrial control systems they need to access.

Instead of directing users or devices to the corporate network, they are continually verified before access is granted to sensitive resources, following the Zero Trust principle of “never trust, always verify.” To safeguard data at all times—without impacting availability or performance for users—trust is never granted by default. Whether users are remote or outside the network perimeter, they can only access authorized applications and services and never the entire network. This approach prevents attackers from entering the network through their usual entry points and halts lateral movement of threats.

Once you decide to switch from legacy VPN and firewall to a Zero Trust framework, where do you begin? Find out how Skyhigh Security can help you modernize your security infrastructure to safeguard your organization against vulnerabilities like these. Read our most recent Intelligence Digest.

Back to Blogs

Related Content

News thumbnail
Cloud Security

The Skyhigh Client Proxy Context Advantage

Jeff Ebeling - July 9, 2024

News thumbnail
Industry Perspectives

Revolutionize Your Research with AI

Cleo McMichael - June 28, 2024

Recent blogs

Cloud Security

The Skyhigh Client Proxy Context Advantage

Jeff Ebeling - July 9, 2024

Industry Perspectives

Revolutionize Your Research with AI

Cleo McMichael - June 28, 2024

Industry Perspectives

Legacy Web Gateway vs Next-Generation Web Gateway: Understanding the Key Differences

Mohammed Guermellou - June 12, 2024

Industry Perspectives

Telecom Company Replaces Traditional VPN with Skyhigh Private Access

America Garcia - June 6, 2024