Hackers Exploit PAN-OS Flaw to Spread Malware

A suspected nation-state threat actor exploited a recently disclosed vulnerability (CVE-2024-9474) in a Palo Alto network device to gain access. The attacker then used curl to download a malicious file (bwmupdate) that installed a backdoor disguised as the logd service. To achieve persistence, the malware modified the /etc/rc.local file and a function within the …