From The Hunter Diaries - Detecting C2 Servers
Hunting for suspicious Command & Control traffic utilizing Cortex XDR XQL queries.
- Blog
- Palo Alto Networks
- command and control
Palo Alto Networks
command and control
What Are Unknown Cyber Threats? (And Are They Really Unknown?)
Most traditional security products are built to act based on known threats. The moment they see something that is known to be malicious, they block it. To get past security product...
Dec 01, 2016
By Karin Shopen
Setting Expectations for Prevention Readiness: The Prevention-Posture Asses...
Our commitment to making prevention a core component of architecture is real. As such, we created a standard assessment methodology to help set expectations about prevention and cr...
Nov 15, 2016
By Tim Treat and Nate Bitting
New Wekby Attacks Use DNS Requests As Command and Control Mechanism
We have observed an attack led by the APT group Wekby targeting a US-based organization in recent weeks. Wekby is a group that has been active for a n...
May 24, 2016
Attacks on East Asia using Google Code for Command and Control
Recently, FireEye published a blog titled “Operation Poisoned Hurricane” which detailed the use of PlugX malware variants signed with legitimate certi...
Aug 15, 2014
By Jen Miller-Osborn and Rob Downs
Subscribe to the Blog!
Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.
Get the latest news, invites to events, and threat alerts
Get the latest news, invites to events, and threat alerts
Products and Services
- AI-Powered Network Security Platform
- Secure AI by Design
- Prisma AIRS
- AI Access Security
- Cloud Delivered Security Services
- Advanced Threat Prevention
- Advanced URL Filtering
- Advanced WildFire
- Advanced DNS Security
- Enterprise Data Loss Prevention
- Enterprise IoT Security
- Medical IoT Security
- Industrial OT Security
- SaaS Security
- Next-Generation Firewalls
- Hardware Firewalls
- Software Firewalls
- Strata Cloud Manager
- SD-WAN for NGFW
- PAN-OS
- Panorama
- Secure Access Service Edge
- Prisma SASE
- Application Acceleration
- Autonomous Digital Experience Management
- Enterprise DLP
- Prisma Access
- Prisma Access Browser
- Prisma SD-WAN
- Remote Browser Isolation
- SaaS Security