DigitalCIO
No Result
View All Result
  • Home
  • Tech News
  • Market Insights
  • CIO Interviews
  • Events and Conferences
  • Opinion and Analysis
  • Resources
DigitalCIO
  • Home
  • Tech News
  • Market Insights
  • CIO Interviews
  • Events and Conferences
  • Opinion and Analysis
  • Resources
No Result
View All Result
Digitalcio
No Result
View All Result
Home Tech News

Mass scanning of Palo Alto Networks, Cisco and Fortinet Login portals

DigitalCIO Bureau by DigitalCIO Bureau
October 13, 2025
in Tech News
0
Mass scanning of Palo Alto Networks, Cisco and Fortinet Login portals
74
SHARES
1.2k
VIEWS
Share on FacebookShare on Twitter

Cybersecurity intelligence firm GreyNoise has observed an alarming increase in scanning activity against network equipment from major vendors in recent days. Scanning of Palo Alto Networks login portals has increased by approximately 500% in 48 hours, the highest level in 90 days. This pattern of targeted reconnaissance exercises is now associated with a high degree of certainty with similar escalations against Cisco ASA devices and Fortinet SSL VPNs.

The findings indicate that the same threat actors are behind a coordinated series of attacks targeting vulnerable login portals of critical network infrastructure.

Starting October 3rd, GreyNoise noticed a sharp increase in the number of unique IP addresses scanning Palo Alto Networks PAN-OS GlobalProtect login portals. On October 7th, activity peaked at over 2,200 unique IP addresses.

On October 8, GreyNoise confirmed the correlation between three recent campaigns:

Scanning Cisco ASA devices.

Increased login attempts against Palo Alto login portals.

A spike in brute force attempts against Fortinet SSL VPNs.

This link is supported by a recurring fingerprint (shared TCP fingerprints), the use of the same subnets, and the simultaneous escalation of activities. The most frequently used subnets are linked to AS200373 (3xK Tech GmbH) and AS11878 (tzulo, Inc.).

Increased risk of zero-day vulnerabilities

The increased scanning is particularly concerning given previous observations by GreyNoise. Previous research in July indicated that spikes in brute force attempts against Fortinet VPNs are often followed by the public disclosure of new Fortinet VPN vulnerabilities within six weeks. While such a correlation has not yet been proven in Palo Alto, the current escalation calls for increased vigilance from defenders.

Furthermore, the rapid succession of login attempts against Palo Alto suggests that threat actors are attempting to test a large data set of stolen or leaked credentials.

Call for defense teams

Defense teams are strongly advised to immediately tighten their firewall and VPN security. This activity is classified as targeted reconnaissance and is clearly distinct from routine background scanning.

Organizations can take preventive measures by:

Instantly block IPs involved in Fortinet VPN brute forcing and Palo Alto scanning.

Implement additional layers of defense given the coordinated nature of the attacks across different technology platforms.

GreyNoise has published a list of usernames and passwords used in recent Palo Alto and Fortinet campaigns for defense teams to review. Threat actors appear to be broadening their focus, given the increase in unique autonomous systems (ASNs) involved in the scans.

Tags: GreyNoise
Share30Tweet19
DigitalCIO Bureau

DigitalCIO Bureau

Recommended For You

NelsonHall Recognizes LTM as a Leader in GenAI & Process Automation for Banking

by DigitalCIO Bureau
March 6, 2026
0
NelsonHall Recognizes LTM as a Leader in GenAI & Process Automation for Banking

LTM, the Business Creativity partner to the world’s largest enterprises, has been recognized as a Leader in the ‘Overall’ market segment in the NelsonHall NEAT Evaluation for GenAI...

Read moreDetails

OptiValue Tek & SFJ Business Solutions Join Hands to Transform Fortune 500 Enterprises

by DigitalCIO Bureau
March 2, 2026
0
OptiValue Tek & SFJ Business Solutions Join Hands to Transform Fortune 500 Enterprises

Partnership aims to build intelligent, resilient, and future-ready enterprise ecosystems worldwide New Delhi – March 2, 2026 — OptiValue Tek has announced a strategic alliance with SFJ Business Solutions, to deliver large-scale enterprise...

Read moreDetails

TCS Expands Strategic Partnership with Zscaler to Redefine Enterprise Workspace Innovation with New AI-powered Solution

by DigitalCIO Bureau
March 2, 2026
0
TCS Expands Strategic Partnership with Zscaler to Redefine Enterprise Workspace Innovation with New AI-powered Solution

TCS Workspace Experience Studio engineered with ZDX (Zscaler Digital Experience) will herald a new era in enterprise digital workspace innovation by integrating zero-trust security, observability, and AI-powered experience...

Read moreDetails

21-year-old from China wins TCS CodeVita 2026 as TCS sets new Guinness World Records for the world’s largest coding competition

by DigitalCIO Bureau
February 27, 2026
0
21-year-old from China wins TCS CodeVita 2026 as TCS sets new Guinness World Records for the world’s largest coding competition

TCS sets a new milestone with 146,922 participants, surpassing its 2021 Guinness World Records title to remain the world’s largest coding championship Tata Consultancy Services (TCS) announced the winners...

Read moreDetails

Qualcomm and Tata Electronics Partner to Manufacture Qualcomm Automotive Modules in India

by DigitalCIO Bureau
February 27, 2026
0
Qualcomm and Tata Electronics Partner to Manufacture Qualcomm Automotive Modules in India

Collaboration supports the nation’s “Make in India” initiative and global priority for supply chain diversification Companies’ manufacturing partnership aimed at supporting Indian and global automakers, strengthening supply-chain flexibility...

Read moreDetails
Next Post
Visakhapatnam’s First 50 MW AI Edge Data Center Foundation Laid

Visakhapatnam's First 50 MW AI Edge Data Center Foundation Laid

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Related News

Cohesity Appoints Srinivasan Murari as Chief Development Officer

Cohesity Recognized As Leader By Gartner

July 5, 2025
Bikash Joshi Joins dMACQ Software as Chief Product Officer

Bikash Joshi Joins dMACQ Software as Chief Product Officer

January 13, 2025
Deloitte And AWS To Deepen Generative AI Driven Innovations For Indian Enterprises

Hexaware and Abluva Offer Secure Agentic AI Solutions for Life Sciences Industry

July 11, 2025

Browse by Category

  • Acquisition
  • Appointment
  • Archive
  • Artificial Intelligence
  • CIO Interviews
  • Cloud
  • Datacenter
  • Events and Conferences
  • Market Insights
  • News
  • Opinion and Analysis
  • Products
  • Resources
  • Security
  • Storage
  • Tech News
  • Telecom
Digitalcio

Welcome to DigitalCIO, your ultimate source for staying ahead in the ever-evolving world of technology and business.

BROWSE BY TAG

Acquisition AI Appointment artificial intelligence Artificial Intelligence and Machine Learning AWS Barracuda Big Data and Analytics Blockchain CISCO Cloud Computing Cloudflare Commvault CrowdStrike Cybersecurity Digital Transformation Dynatrace E-books Fortinet Gartner GenAI Generative AI Google Cloud IBM Infographics Internet of Things (IoT) Kaspersky Microsoft NTT DATA NVIDIA Palo Alto Networks Panel Discussion Qlik Salesforce ServiceNow Sophos TCS Tenable Trend Micro Veeam Veeam Software Vertiv Webinars Whitepaper Zscaler

CATEGORIES

  • Tech News
  • Market Insights
  • CIO Interviews
  • Events and Conferences
  • Opinion and Analysis
  • Resources
  • Archive

NAVIGATION

  • Home
  • About Us
  • Advertise with Us
  • Contact Us

© 2024 digitalcio.in - All rights reserved.

No Result
View All Result
  • Home
  • Tech News
  • Market Insights
  • CIO Interviews
  • Events and Conferences
  • Opinion and Analysis
  • Resources

© 2024 digitalcio.in - All rights reserved.

Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?