Palo Alto Networks has shown that it was watching the entry into a brute force against GlobalProt Gateway Pan-OS, a few days after the threat subjects warned of a splash of suspicious entry scan aimed at its instrument.
“Our teams are watching evidence of an activity that is in line with password-related attacks such as entry attempts that do not indicate vulnerability,” said The Hacker News spokesman. “We still actively control this situation and analyze the reported activity to determine its potential influence and determine whether the mitigation is necessary.”
Development occurs after threat of intelligence firm Greynoise sweat Spike in suspicious entry scanning aimed at GlobalProt Pan-OS portals.
The company further noted that the activity began on March 17, 2025, reaching the peak of 23 958 unique IPs before dropping by the end of last month. The template indicates agreed efforts to check the network protection and detection of exposed or vulnerable systems.
The activity of the entry scan is primarily distinguished by systems in the US, UK, Ireland, Russia and Singapore.
It is currently unknown how widespread these efforts are, and when at this stage they work with some particular threat actor. The Hacker News turned to Palo Alto Networks for additional comments and we will update the story when we hear back.
At this time, all customers are advised to make sure that they work with the latest PAN-OS versions. Other softening include the performance of multiform authentication (Foreign ministry) Set up GlobalProte to Promoting notifications about the Foreign Affairscustomization Security policy to identify and to block rough attacksand restriction unnecessary impact On the Internet.
