this post was submitted on 16 Nov 2024
151 points (98.7% liked)

Technology

59440 readers
3172 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
L3s@lemmy.world
L3s@fry.gs
L4s@fry.gs
L4s@lemmy.world
enu@lemmy.world
151
Palo Alto Networks confirms mystery zero day now exploited: No patch, no CVE (www.thestack.technology)
submitted 2 days ago* (last edited 2 days ago) by Joker@sh.itjust.works to c/technology@lemmy.world
16 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] thejml@lemm.ee 80 points 2 days ago (5 children)

with the US-based security vendor on November 11 urging customers to pull their management interfaces off the public internet or restrict them to known IP addresses.

Why would you EVER put management interfaces on the public internet? What terrible decisions led them down that path? VPN is so quick and easy at a minimum.

[–] cyberpunk007@lemmy.ca 1 points 16 hours ago

Once I read this I just stopped lol. You almost deserve to be explored if you do this, this is like security 101.

[–] qjkxbmwvz@startrek.website 25 points 2 days ago* (last edited 2 days ago)

The network gear I manage is only accessible via VPN, or from a trusted internal network...

...and by the gear I manage, I mean my home network (a router and a few managed switches and access points). If a doofus like me can set it up for my home, I'd think that actual companies would be able to figure it out, too.

[–] catloaf@lemm.ee 9 points 2 days ago

Management interfaces shouldn't even be accessible from the general LAN.

[–] Evotech@lemmy.world 9 points 2 days ago (1 children)

I know right, 99% of these caves are against management interfaces too

[–] AmidFuror@fedia.io 9 points 2 days ago (1 children)

Paleo Alto?

[–] corsicanguppy@lemmy.ca 4 points 2 days ago

Saw the writing on the wall, there.

[–] jdeath@lemm.ee 1 points 2 days ago

zero trust?