Palo

Palo Alto Networks urged companies this week to patch against a newly discovered zero-day vulnerability in one of its widely used security products, after malicious hackers began exploiting the bug to break into corporate networks. Because the vulnerability allows hackers to gain complete control of an affected firewall over the internet without authentication, Palo Alto gave the bug a maximum severity rating. The ease with which hackers can remotely exploit the bug puts thousands of companies that rely on the firewalls at risk from intrusions. Adding another complication, Palo Alto initially suggested disabling telemetry to mitigate the vulnerability, but said this week that disabling telemetry does not prevent exploitation. Security firm Volexity, which first discovered and reported the vulnerability to Palo Alto, said it found evidence of malicious exploitation going back to March 26, some two weeks before Palo Alto released fixes.