See every side of every news story
Get Started
SubscribeLogin
Israel-Hamas Conflict
Baseball
Artificial Intelligence
Social Media
Tariffs
Natural Disasters
Education
Donald Trump
Taxes
Trade
Senate
Trade War
Justice
Published loading...Updated

Unknown scanners probing Juniper and Palo Alto products

  • GreyNoise reported mass probing of Palo Alto Networks' PAN-OS GlobalProtect login portals beginning March 17, 2025.
  • This activity may be reconnaissance for an upcoming attack, as similar patterns preceded vulnerability disclosures.
  • The scanning peaked around March 17, involving almost 20,000 unique IPs daily before tapering off around March 26.
  • GreyNoise data showed 23,800 IPs as 'suspicious' and 154 IPs as 'malicious'; Bob Rudis stated about targeting patterns.
  • GreyNoise advises administrators to review logs and harden login portals to prevent potential exploitation attempts.
Insights by Ground AI
Does this summary seem wrong?

11 Articles

All
Left
Center
4
Right
The RegisterThe Register
Center

Unknown scanners probing Juniper and Palo Alto products

Updated: Espionage? Botnets? Trying to exploit a zero-day?

Read Full Article
Tech RadarTech Radar
Center

Palo Alto Networks gateways facing huge number of possible security attacks

Activities like these usually lead up to the discovery of a new zero-day, experts warn.

·United Kingdom
Read Full Article
Cybersecurity DiveCybersecurity Dive
Center

Mass login scans of PAN GlobalProtect portals surge

Nearly 24K unique IP addresses have attempted to access portals in the last 30 days, raising concerns of imminent attacks over the past 30 days.

Read Full Article
BleepingComputerBleepingComputer
Center

Nearly 24,000 IPs behind wave of Palo Alto Global Protect scans

A significant spike in scanning activity targeting Palo Alto Network GlobalProtect login portals has been observed, with researchers concerned it may be a prelude to an upcoming attack or flaw being exploited.

Read Full Article
cybernoz.comcybernoz.com

Spike In Palo Alto Networks Scanner Activity Suggests Imminent Cyber Threats - Cybernoz - Cybersecurity News

Spike in Palo Alto Networks scanner activity suggests imminent cyber threats Pierluigi Paganini April 02, 2025 Hackers are scanning for vulnerabilities in Palo Alto Networks GlobalProtect portals, likely preparing for targeted attacks. Researchers at the threat intelligence firm GreyNoise warn of hackers that are scanning for vulnerabilities in Palo Alto Networks GlobalProtect portals, likely preparing for targeted attacks, warns…

Read Full Article
Malware Analysis, News and IndicatorsMalware Analysis, News and Indicators

24,000 unique IP addresses target PAN-OS GlobalProtect gateways

Attackers aim to find zero-days in the PAN-OS gateways they can exploit. Introduction to Malware Binary Triage (IMBT) Course Looking to level up your skills? Get 10% off using coupon code: MWNEWS10 for any flavor. Enroll Now and Save 10%: Coupon Code MWNEWS10 Note: Affiliate link – your enrollment helps support this platform at no extra cost to you. Article Link: 24,000 unique IP addresses target PAN-OS GlobalProtect gateways

Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 100% of the sources are Center
100% Center
Factuality

To view factuality data please Upgrade to Premium

Ownership

To view ownership data please Upgrade to Vantage

Merca2.es broke the news in on Monday, March 31, 2025.
Sources are mostly out of (0)

Similar News Topics

CrowdStrike

CrowdStrike

Cisco

Cisco

Cyber Security

Cyber Security

Palo Alto

Palo Alto

You have read out of your 5 free daily articles.

Join us as a member to unlock exclusive access to diverse content.

News
For You
SearchBlindspotLocal