Blog

CVSS Score 10 Critical Palo Alto Pan-OS Code Execution Vulnerability CVE-2024-3400

April 16, 2024April 16, 2024

Summary The CVE-2024-3400 is a command injection vulnerability in Palo Alto’s PAN-OS specifically in the GlobalProtect feature, an unauthenticated attacker can execute arbitrary code leading to full compromise. Vulnerable Versions The vulnerable versions are PAN-OS 10.2, 11.0, and 11.1 Impact The vulnerability is observed to be exploited since March. 2024… Read More »CVSS Score 10 Critical Palo Alto Pan-OS Code Execution Vulnerability CVE-2024-3400

Unveiling Vulnerabilities: Navigating the Critical CVE Landscape of 2024

April 16, 2024April 16, 2024

In the ever-evolving digital connectivity and technology landscape, organizations face a constant challenge to fortify their cyber defenses against an ever-expanding array of threats. The rapid advancement of information technology has brought about unparalleled convenience and efficiency. Still, it has also ushered in an era where the vulnerability of digital… Read More »Unveiling Vulnerabilities: Navigating the Critical CVE Landscape of 2024

FireCompass Featured in GigaOm Radar for Attack Surface Management Three Times In A Row

FireCompass: Leader in 2024 GigaOm Radar for Attack Surface Management

March 28, 2024

FireCompass is the only Leader & Fast Mover in GigaOm Radar with the highest rating in Growth of Autonomous Pen Testing Navigating the ever-changing landscape of cybersecurity requires staying ahead of threats, making it not just a priority but an imperative. With organizations rapidly expanding their digital presence, understanding and… Read More »FireCompass: Leader in 2024 GigaOm Radar for Attack Surface Management

Critical CVEs: IBM Aspera, Nagios XI, Couchbase, RWS, DataEase and More

March 6, 2024March 7, 2024

This week, from February 26th to March 1st, the FireCompass research team identified a huge number of CVEs that are high in severity, along with ransomware, botnets, and threat actors creating havoc. Some of the CVEs identified are in popular commercial products used by various industries, and there are also… Read More »Critical CVEs: IBM Aspera, Nagios XI, Couchbase, RWS, DataEase and More

Guide: What is Penetration Testing? | What is Pen Testing?

March 6, 2024April 5, 2024

Penetration Testing is a form of adversary emulation to find a successful attack path from peripheral assets to crown jewels. Penetration testing, also known as pen testing, is a simulated cyber attack against an organization’s computer systems, networks, or web applications. It is a proactive approach to identifying vulnerabilities and… Read More »Guide: What is Penetration Testing? | What is Pen Testing?