Palo Alto Networks

Vulnerabilities

Xpanse Covers Top Vulnerabilities Warned of by CISA

In the fast-evolving world of technology and interconnectedness, cyberthreats have become a formidable challenge for businesses, governments, and individuals alike. To stay ahead in this relentless cat-and-mouse game with cybercriminals, the Cybersecurity and Infrastructure Security Agency (CISA) has released a comprehensive rep...

Announcement

News and Events

Product Features

Use-Cases

Aug 14, 2023

By Alyssa Ramella

Palo Alto Networks

Products and Services

Partners

Announcement, Announcement, Cloud Native Security Platform, Cloud Workload Protection, Products and Services

Agentless Workload Scanning Gets Supercharged with Malware Scanning

Enterprises taking advantage of cloud-native architectures now have 53% of their cloud workloads hosted on public clouds...

Jun 22, 2023

By Mohit Bhasin and Omri Cohen

Next-Generation Firewalls, Uncategorized, Zero Trust Security

Guarding Against Malware in 2023: 4 Predictions to Enhance Your Security St...

The ability to guard against attacks and malware designed to exploit vulnerabilities means keeping up with trends and predictions to inform your secur...

Jun 06, 2023

By Navneet Singh

Cloud Infrastructure Entitlement Management, Cloud Security, IAM

Prevent Lateral Movement With Prisma Cloud

Lateral movement refers to a technique adopted by attackers to maneuver within a network or cloud infrastructure to obtain unauthorized access to sensitive data. Free from the dete...

May 16, 2023

By Pranay Shastrulla

Cloud Security, Cloud Security Posture Management, Cloud Workload Protection Platform

10 Cloud Security Risks Organizations Should Address

Through advances in cloud technology, data access is now readily available. This is a boon for developers. For security practitioners, though, it presents a challenge. With dataset...

May 15, 2023

By Nathaniel Quist

Announcement, Cloud Infrastructure Entitlement Management, Cloud Network Security, Cloud Security Posture Management, Cloud Workload Protection Platform, DevSecOps, Partners, Vulnerability Exposed

DirtyPipe Enables Critical Attacks on Container Environments

On Mar. 3rd, Linux publicly di...

Mar 14, 2022

By Yuval Avrahami

Cloud Infrastructure Entitlement Management, Cloud Network Security, Cloud Security Posture Management, Cloud Workload Protection Platform, DevSecOps

6 Common Kubernetes and Container Attack Techniques and How to Prevent Them

While Log4J or Log4Shell stole a lot of the headlines, there have been a lot of other atta...

Mar 02, 2022

By Taylor Smith

Announcement, DevSecOps, Partners, Products and Services

What Does the Latest Linux Kernel Vulnerability Mean for Kubernetes Users a...

On 01/18/2022, an Integer Underflow vulnerability was discovered in the Linux Kernel. The vulnerability, assigned CVE-2022-0185, lies in the legacy_pa...

Feb 01, 2022

By Daniel Prizmant and Ariel Zelivansky

Products and Services, Public Sector

Preparing for and Preventing an Inevitable Cyberattack

The Colonial Pipeline ransomware attack was a jarring reminder that organizations providing critical infrastructure and services to the public could easily be the next target. Ransomware operators have long tar...

Sep 28, 2021

By Matt Schneider

Must-Read Articles, News and Events, Uncategorized

PrintNightmare Prevention Update with Cortex XDR

Microsoft recently warned Windows users about two vulnerabilities, CVE-2021-1675 & CVE 2021-34527, affecting the Windows Print Spooler Service. Proof-of-concept exploit code was posted on Github before the...

Jul 15, 2021

By Kasey Cross

Must-Read Articles, News and Events, Uncategorized

Hunting PrintNightmare (CVE-2021-1675) Using Cortex XDR

On June 29, 2021, proof of concept code for CVE-2021-1675 (dubbed PrintNightmare) was posted on Github.

Jul 01, 2021

By Unit 42

Must-Read Articles, Points of View

How Quickly Are We Patching Microsoft Exchange Servers?

As the world learned about the four zero-day vulnerabilities in Microsoft Exchange Server and the attacks that exploited them, many people wondered how widespread the effects would be. How many organizations ar...

Mar 14, 2021

By Matt Kraning

Must-Read Articles, Points of View

Attackers Won't Stop With Exchange Server. You Need a New Playbook

When watershed SolarWinds attacks hit in December, I urged organizations to redouble efforts to secure their networks. It was a wakeup call – SolarWin...

Mar 10, 2021

By Nikesh Arora

Secure the Enterprise

Unit 42 Recognized by Microsoft on the MSRC Security Researcher Leaderboard

Palo Alto Networks is proud to announce that Microsoft has recognized Zhibin Zhang, a principal researcher for Unit 42, on their MSRC Security Researcher Leaderboard for Q1 2020.

May 05, 2020

By John Harrison

Secure the Cloud

Recent Vulnerabilities in Envoy Explained, Including Impact to Istio

On Dec. 10, three vulnerabilities in the Envoy proxy were made public, one of which was classified as “high severity” and two as “medium severity,” affecting all versions up to and...

Dec 19, 2019

By Aviv Sasson

Secure the Cloud

Analysis of Two Newly Patched Kubernetes Vulnerabilities

The Kubernetes Patch Release Team on Tuesday released new builds that patch Kubernetes vulnerabilities CVE-2019-16276 and CVE-2019-11253, which have been publicly disclosed over the past month. These vulnerabil...

Oct 16, 2019

By Ariel Zelivansky and Aviv Sasson

Secure the Cloud

Kubernetes – Vulnerable to Denial-of-Service Attacks

On Wednesday, the Kubernetes Product Security Committee disclosed two new vulnerabilities affecting all versions. The issues are related to eight attack methods on HTTP/2 implementations found and released two...

Aug 22, 2019

By Ariel Zelivansky and John Morello

Unit 42

Unit 42 Vulnerability Research October 2018 Disclosures – Adobe

As part of Unit 42’s ongoing threat research, we can now disclose that Palo Alto Networks Unit 42 researchers have discovered ten vulnerabilities addressed by the Adobe Product Sec...

Oct 05, 2018

By Unit 42

Unit 42

Unit 42 Vulnerability Research July 2018 Disclosures – Adobe

As part of Unit 42’s ongoing threat research, we can now disclose that Palo Alto Networks Unit 42 researchers have discovered eight vulnerabilities addressed by the Adobe Product S...

Jul 11, 2018

By Christopher Budd

Unit 42

Unit 42 Vulnerability Research May 2018 Disclosures – Adobe

As part of Unit 42’s ongoing threat research, we can now disclose that Palo Alto Networks Unit 42 researchers have discovered a vulnerability addressed by the Adobe Product Securit...

May 16, 2018

By Christopher Budd

Unit 42

Exploit in the Wild: #drupalgeddon2 - Analysis of CVE-2018-7600

On 28 March 2018, the Drupal core security team released security advisory SA-CORE-2018-002 which discusses a highly critical vulnerability CVE-2018-7600, later nicknamed drupalged...

May 01, 2018

By Yanhui Jia, Matt Tennis, Yi Ren and Rongbo Shao

Load more blogs