Immediate patching urged for Palo Alto Networks flaw used in DDoS attack

Active exploitation of a security flaw in Palo Alto Networks' PAN-OS firewall software in an attempted reflection denial-of-service attack has prompted Palo Alto Networks to call on users to immediately apply security patches that have been issued last week, reports The Record, a news site by cybersecurity firm Recorded Future. Attackers could exploit the vulnerability, tracked as CVE-2022-0028, in unpatched PA-, VM-, and CN-Series of the PAN-OS firewall software to "conduct reflected and amplified TCP denial-of-service (RDoS) attack," according to Palo Alto Networks, which noted that the attack could also conceal the identity of attackers. Such attack reflection and amplification shows the growing use of amplification to expand DDoS attacks, said Viakoo CEO Bud Broomhead, who also noted Google's recent detection of a DDoS attack peaking at 46 million requests per second, the highest ever. Evidence of active abuse of the vulnerability has also resulted in its inclusion in the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities Catalog, with patches for federal civilian agencies urged before September 12.