Randori discovered Zero-day in Palo Alto’s GlobalProtect Firewall, affecting ~10,000 assets.
Outline Palo Alto Networks (PAN) released an update on November 10, 2021, that patched CVE-2021-3064, which was discovered and disclosed by Randori. This vulnerability affects PAN firewalls that use the GlobalProtect Portal VPN, and it allows for unauthenticated remote code execution on susceptible product installations. …
JSON Web Tokens – Attack and Defense
In this blog, we will learn about JSON web tokens and advantages of using them over traditional methods of authorization and authentication. We will delve deeper into the ways a malicious adversary can attack JWT implementations and learn about preventing such pitfalls. What is JWT? …