Palo Alto Networks boasts 70,000 customers in 150 countries, including 85% of the Fortune 500. But this week "thousands of Palo Alto Networks firewalls were compromised by attackers exploiting two recently patched security bug," reports the Register: The intruders were able to deploy web-accessible backdoors to remotely control the equipment as well as cryptocurrency miners and other malware. Roughly 2,000 devices had been hijacked as of Wednesday — a day after Palo Alto Networks pushed a patch for the holes — according to Shadowserver and Onyphe. As of Thursday, the number of seemingly compromised devices had dropped to about 800. The vendor, however, continues to talk only of a "limited number" of exploited installations... The Register has asked for clarification, including how many compromised devices Palo Alto Networks is aware of, and will update this story if and when we hear back from the vendor. Rumors started swirling last week about a critical security hole in Palo Alto Networks appliances that allowed remote unauthenticated attackers to execute arbitrary code on devices. Exploitation requires access to the PAN-OS management interface, either across the internet or via an internal network. The manufacturer did eventually admit that the firewall-busting vulnerability existed, and had been exploited as a zero-day — but it was still working on a patch. On Tuesday, PAN issued a fix, and at that time said there were actually two vulnerabilities. The first is a critical (9.3 CVSS) authentication bypass flaw tracked as CVE-2024-0012. The second, a medium-severity (6.9 CVSS) privilege escalation bug tracked as CVE-2024-9474. The two can be chained together to allow remote code execution (RCE) against the PAN-OS management interface... once the attackers break in, they are using this access to deploy web shells, Sliver implants, and/or crypto miners, according to Wiz threat researchers.

Read more of this story at Slashdot.

Damage to two undersea fiber-optic cables in the Baltic Sea this month points to growing vulnerability of critical submarine infrastructure, with German officials suspecting sabotage and Swedish police investigating a Chinese cargo vessel's involvement. The incident highlights escalating risks to the global submarine cable network, which carries 99% of international telecommunications traffic through 530 cable systems spanning 850,000 miles. These garden hose-thick cables facilitate trillions in daily financial transactions and vital government communications. Security experts warn that Russia has increased monitoring of undersea cables amid tensions over Ukraine. Taiwan reported 36 cable damages by foreign vessels since 2019, while Houthi rebels denied targeting Red Sea cables this year. Though most of the 100-plus annual cable faults are accidental, deliberate sabotage remains a concern. Repairs are costly, with new transatlantic cables running up to $250 million.

Read more of this story at Slashdot.

The chief scientist of the Asia Pacific Network Information Center has a theory about why the world hasn't moved to IPv6. From a report: In a lengthy post to the center's blog, Geoff Huston recounts that the main reason for the development of IPv6 was a fear the world would run out of IP addresses, hampering the growth of the internet. But IPv6 represented evolution -- not revolution. "The bottom line was that IPv6 did not offer any new functionality that was not already present in IPv4. It did not introduce any significant changes to the operation of IP. It was just IP, with larger addresses," Huston wrote. IPv6's designers assumed that the protocol would take off because demand for IPv4 was soaring. But in the years after IPv6 debuted, Huston observes, "There was no need to give the transition much thought." Internetworking wonks assumed applications, hosts, and networks would become dual stack and support IPv6 alongside IPv4, before phasing out the latter. But then mobile internet usage exploded, and network operators had to scale to meet unprecedented demand created by devices like the iPhone. "We could either concentrate our resources on meeting the incessant demands of scaling, or we could work on IPv6 deployment," Huston wrote.

Read more of this story at Slashdot.

Vietnam will convert all its networks to IPv6, under a sweeping digital infrastructure strategy announced last week. From a report: The plan emerged in Decision No. 1132/QD-TTg -- signed into existence by permanent deputy prime minister Nguyen Hoa Binh -- and defines goals for 2025 and 2030. By 2025, the nation intends to connect two new submarine cables -- an important local issue. Earlier this year, internet speeds slowed when three of the five cables connecting the country broke. Also by 2025, the country wants "universal" fiber-to-the-home, 5G services in all cities and industrial zones, and work to have commenced on an unspecified number of datacenters capable of running AI applications and operating with power usage effectiveness index (PUE) of less than 1.4. [...] Vietnam's population exceeds 100 million and it already has 140 mobile subscriptions per 100 inhabitants. IPv4 with network address translation can scale to those levels -- if Vietnamese carriers have secured sufficient number resources.

Read more of this story at Slashdot.

Cisco is exiting the LoRaWAN market for IoT device connectivity, with no migration plans for customers. "LoRaWAN is a low power, wide area network specification, specifically designed to connect devices such as sensors over relatively long distances," notes The Register. "It is built on LoRa, a form of wireless communication that uses spread spectrum modulation, and makes use of license-free sub-gigahertz industrial, scientific, and medical (ISM) radio bands. The tech is overseen by the LoRa Alliance." From the report: Switchzilla made this information public in a notice on its website announcing the end-of-sale and end-of-life dates for Cisco LoRaWAN. The last day customers will be able to order any affected products will be January 1, 2025, with all support ceasing by the end of the decade. The list includes Cisco's 800 MHz and 900 MHz LoRaWAN Gateways, plus associated products such as omni-directional antennas and software for the Gateways and Interface Modules. If anyone was in any doubt, the notification spells it out: "Cisco will be exiting the LoRaWAN space. There is no planned migration for Cisco LoRaWAN gateways."

Read more of this story at Slashdot.