Matt Chiodi, Chief Security Officer for Public Cloud at Palo Alto Networks, talks with Greg Otto on how his company is helping enterprises set up cloud instances that help both development and security teams get their job done through their Unit 42 Cloud Threat Report.

Cloud computing is now at the center of nearly every business strategy. But, as with the rapid adoption of any new technology, growing pains persist.

In February, hardware maker Zyxel fixed a zero-day vulnerability in its routers and VPN firewall products after KrebsOnSecurity told the company the flaw was being abused by attackers to break into devices.

Unit 42 researchers discuss public cloud misconfiguration issues that are leading to breaches of sensitive data.

AT&T, Palo Alto Networks and Broadcom on Friday announced a framework for a virtual firewall, known as a Disaggregated Scalable Firewall (DSFW). According to AT&T, the DFSW architecture is designed to secure and protect global network traffic in the 5G era.

The vast majority of medical imaging equipment in the U.S. is leaving patient data vulnerable and hospitals open to attacks that could disrupt care, a new study says.

For maximum effectiveness, security-as-a-service solutions can no longer simply be reactive, but must instead be predictive, which is the focus of a newly announced partnership between NTT and Palo Alto Networks.

As part of the industry's ongoing effort to split network elements into smaller pieces, AT&T, Palo Alto Networks and Broadcom have hooked up to develop the disaggregated scalable firewall (DSFW) framework.

Palo Alto Networks has hired Don Jones to extend the company’s NextWave program to a new generation of partnerships in the systems integrator and service provider spaces.

Editor’s Note: Morning Cybersecurity is a free version of POLITICO Pro Cybersecurity’s morning newsletter, which is delivered to our subscribers each morning at 6 a.m.

You'd think that mammography machines, radiology systems, and ultrasounds would maintain the strictest possible security hygiene. But new research shows that a whopping 83 percent of medical imaging devices run on operating systems that are so old they no longer receive any software updates at all.

A huge proportion of internet-connected imaging devices at hospitals run outdated operating systems, according to research released Tuesday by Palo Alto Networks, a cybersecurity firm.

MoleRATs, a politically-motivated threat actor apparently linked to the Palestinian terrorist organization Hamas, has expanded its target list to include insurance and retail industries, Palo Alto Networks’ security researchers report.

Years ago, I held senior leadership positions in the U.S. military focused on cyber-operations, policy and strategy. What kept me up at night was the concern that a loosely controlled third-party actor or organization — operating with suspicious motivations or questionable skills at the behest of an adversary — might initiate a cyberattack that could escalate to a physical conflict.

The cybersecurity firm introduced an extended security orchestration, automation and response platform this week to provide capabilities for security analysts to deal with threats across the enterprise.

Palo Alto Networks this week rolled out the next phase of its Demisto security orchestration, automation, and response (SOAR) platform, which is now called Cortex XSOAR. Palo Alto Networks acquired Demisto for $560 million in March 2019.

The $560 million buy of SOAR vendor Demisto bolstered Palo Alto Networks’ ability to use AI and machine learning to further automate parts of customers’ security operations.

By now it’s become apparent that the bulk of security incidents involving cloud platforms revolve around some type of configuration issue. An analysis of those cloud configurations published today by the Unit 42 research arm of Palo Alto Networks suggests that the root cause of the issue is most likely the templates many developers and DevOps teams rely on to configure cloud infrastructure. In fact, according to Unit 42’s analysis, more than 199,000 templates have medium-to-high vulnerabilities in use on public clouds.

Having an in-demand hard skill, such as proficiency in a certain technology, may get your foot in the door when you’re searching for a job, but if you want to land it, employers want to see your soft skills. Unfortunately, traits such as being a team player or problem solver are not as easy to convey.

Companies leveraging DevOps are using almost 200,000 "insecure templates" for infrastructure as code (IaC), according to research from Palo Alto Networks' threat intelligence team Unit 42. Of the three most common templates — Terraform, CloudFormation and K8s YAML — CloudFormation is the most vulnerable.​

Developers might feel pressure to deploy in a hurry, yet skimping on security to save time can open the door to persistent risks. The findings of the latest Cloud Threat Report released by Unit 42 point to a rather unfortunate marriage of fastmoving, competitive strategies and lax attention to security policy. Unit 42 is the threat intelligence unit of cybersecurity provider Palo Alto Networks.

As you may be aware, there’s money to be made on the internet. The question, of course, is how. Not everyone has the reality-distortion skills to start their own tech unicorn, or the Stanford connections to become an early employee there, or the indifference to sunlight necessary to become a world-class Fortnite gamer.

A spear-phishing campaign targeted a U.S. government agency for several months last year using emails with content about North Korea geopolitics as a lure, according to an analysis from Palo Alto Networks' Unit 42.

Thousands of servers could be exposed to SharePoint vulnerability CVE-2019-0604, recently used in cyberattacks against Middle East government targets.

Here’s a look at 20 cloud security vendors that have taken on the migration, compliance and governance challenges in the cloud computing space.

Palo Alto Networks CEO Nikesh Arora argues cyber threats will only get worse as there is increasing demand for user data, but that servers are more secure now than they were even a few years ago.

Internet routers running the Tomato alternative firmware are under active attack by a self-propagating exploit that searches for devices using default credentials.

The malicious email campaign included a never-before-seen malware downloader called Carrotball, and may be linked to the Konni Group APT.

In the second half of 2019, a U.S. government agency was targeted by repeated spearphishing attempts that could be from a mysterious group that has evaded attribution for years, according to new research issued Thursday by security firm Palo Alto Networks.