Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

When networks were simpler, IT teams relied on firewalls as their primary defense, believing that securing the network perimeter was sufficient. However, as networks have grown in complexity—both horizontally and vertically-traditional security measures are no longer enough. The rise of remote work, cloud computing, layers of devices and applications, both evolved and primitive, and sophisticated cyberthreats has further emphasized the need for a more adaptive security strategy.

On February 18, CISA has added the recently published Palo Alto Networks CVE-2025-0108 to the list of known exploited vulnerabilities. To date, according to GreyNoise, there are over 25 known distinct public sources attempting exploitation. Unmitigated, this vulnerability can lead to significantly weakened network defenses and open doors for data leakages, financial compromises, and ransomware down the road.

Threat actors are increasingly using artificial intelligence (AI) to enhance their skills, improve their breach success rates, and gain access to organisations’ data. To counter these threats, companies must adapt their approach to IT operations (ITOps) by utilising AI to ensure they are well-equipped to withstand the latest threats and protect their organisation.

On February 12, 2025, Palo Alto Networks published a security advisory for CVE-2025-0108, an authentication bypass vulnerability in the management web interface of PAN-OS. The vulnerability was responsibly disclosed to Palo Alto Networks by Assetnote, who published a blog article with technical details about how to exploit the vulnerability the same day it was disclosed. Since then, proof-of-concept exploit code has emerged publicly.

On February 12, 2025, Palo Alto Networks announced CVE-2025-0108, a high severity (8.8) authentication bypass vulnerability affecting Palo Alto Networks PAN-OS management web interface. Successful exploitation of this vulnerability allows unauthenticated attackers with network access to invoke certain PHP scripts without proper authentication. While it does not lead to remote code execution, it impacts the confidentiality and integrity of the affected system.

According to Forrester Research, “How do we reduce our SIEM ingest costs?” is one of the top inquiries they receive from clients. Many security organizations rely on SIEMs for their detection, investigation, and response workflows, ingesting critical security information and events to detect and respond to threats.

This past year was a defining one for all of us at Cato Networks and for the industry at large. The enterprise networking and security market is undergoing a seismic shift—one that we have long anticipated. The days of fragmented, bolt-on security solutions are over. The market has spoken, and it’s clear: enterprises demand a single, converged platform to securely connect their operations everywhere. Cato is delivering exactly that.

In the world of network security, understanding what’s traveling across your network is pivotal. One of the most effective tools for this task is PCAP analysis (Packet Capture analysis). Here at Fidelis Security, we’re dedicated to empowering you with knowledge and tools like our Network Detection and Response (NDR) solution to safeguard your network traffic. Let’s dive into how to master PCAP analysis.