Subj : Palo Alto systems warning issued among huge surge in scanning att To : All From : TechnologyDaily Date : Mon Oct 06 2025 16:45:09 Palo Alto systems warning issued among huge surge in scanning attacks - but it says everything is fine Date: Mon, 06 Oct 2025 15:32:00 +0000 Description: Has someone found a way in to Palo Alto? FULL STORY ======================================================================GreyNois e observes 500% spike in scans targeting Palo Alto GlobalProtect and PAN-OS profiles 7% of scanning IPs were malicious; most originated from the US, targeting systems in the US and Pakistan Palo Alto found no compromise evidence and remains confident in its Cortex XSIAM-powered defenses Experts have warned it seems that someone is trying to sniff out a vulnerability in Palo Alto Networks login portals. Security researchers from GreyNoise said they had observed a 500% increase in IP addresses scanning for Palo Alto Networks GlobalProtect and PAN-OS profiles. On an average Friday, around 200 IP addresses scan for different profiles across the web, but on October 3, the researchers saw more than 1,280. Palo Alto remains secure Spikes such as this one are not unusual, but theyre often a sign that a threat actor discovered a vulnerability and is now mapping out potential victims. GreyNoise also said that of the IP addresses it saw, 7% are confirmed to be malicious, and 91% suspicious. Most of these IP addresses came from the US, with notable minorities coming in from the UK, Netherlands, Canada, and Russia. Targets are mostly located in the US and Pakistan. "Nearly all activity was directed at GreyNoises emulated Palo Alto profiles (Palo Alto GlobalProtect, Palo Alto PAN-OS), suggesting the activity is targeted in nature, likely derived from public (e.g., Shodan, Censys) or attacker-originated scans fingerprinting Palo Alto devices," GreyNoise said in its report. At the same time, Palo Alto remains confident that its systems can withstand almost any onslaught. In a statement shared with BleepingComputer , the company said it investigated the reports and found no evidence of a compromise: Palo Alto Networks is protected by our own Cortex XSIAM platform, which stops 1.5 million new attacks daily and autonomously reduces 36 billion security events into the most critical threats to ensure our infrastructure remains secure. We remain confident in our robust security posture and our ability to protect our network, the spokesperson told the publication. Scans like this can be used to hunt for n-day vulnerabilities, but also for zero-days. Via BleepingComputer Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button! And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too. You might also like Palo Alto Networks gateways facing huge number of possible security attacks Take a look at our guide to the best authenticator app We've rounded up the best password managers ====================================================================== Link to news story: https://www.techradar.com/pro/security/palo-alto-systems-see-huge-surge-in-sca nning-attacks --- Mystic BBS v1.12 A49 (Linux/64) * Origin: tqwNet Technology News (1337:1/100) .