See how you can drastically improve your SOC.

Unit 42 discovered a malicious Microsoft Word document, disguised as a password-protected NortonLifelock document, being used in a phishing campaign to deliver remote access tool (RAT) called NetSupport Manager.

Companies leveraging DevOps are using almost 200,000 "insecure templates" for infrastructure as code (IaC), according to research from Palo Alto Networks' threat intelligence team Unit 42. Of the three most common templates — Terraform, CloudFormation and K8s YAML — CloudFormation is the most vulnerable.​

By now it’s become apparent that the bulk of security incidents involving cloud platforms revolve around some type of configuration issue. An analysis of those cloud configurations published today by the Unit 42 research arm of Palo Alto Networks suggests that the root cause of the issue is most likely the templates many developers and DevOps teams rely on to configure cloud infrastructure. In fact, according to Unit 42’s analysis, more than 199,000 templates have medium-to-high vulnerabilities in use on public clouds.

Having an in-demand hard skill, such as proficiency in a certain technology, may get your foot in the door when you’re searching for a job, but if you want to land it, employers want to see your soft skills. Unfortunately, traits such as being a team player or problem solver are not as easy to convey.

NSS Labs’ Advanced Endpoint Protection (AEP) Test evaluated the prevention capabilities of leading endpoint security (EPP) products against more than 45,000 attack test cases across all tested products including malware, exploits, blended threats, unknown threats, evasions, handcrafted attacks and resistance to tampering. Cortex XDR received a very strong “AA” rating overall.

NTT Ltd., a world-leading global technology services provider, and Palo Alto Networks, the global cybersecurity leader, today announced an expanded strategic partnership to offer a portfolio of intelligence-driven security products that will help clients minimize risk by reducing time to predict, detect, and respond to attacks. The new offering will bring together NTT Ltd.’s ‘Secure by Design’ services with Palo Alto Networks Prisma™ Access and Cortex™ XSOAR technologies and focus on intelligent workplace, intelligent infrastructure, and intelligent cybersecurity. The offering can integrate with existing digital workspaces and meet specific cybersecurity and network requirements.

Developers might feel pressure to deploy in a hurry, yet skimping on security to save time can open the door to persistent risks. The findings of the latest Cloud Threat Report released by Unit 42 point to a rather unfortunate marriage of fastmoving, competitive strategies and lax attention to security policy. Unit 42 is the threat intelligence unit of cybersecurity provider Palo Alto Networks.

Palo Alto Networks (NYSE: PANW), the global cybersecurity leader, announced today financial results for its fiscal second quarter 2020, ended January 31, 2020. Total revenue for the fiscal second...

Cloud threat researchers uncover vulnerabilities in infrastructure-as-code templates, deep dive into crypto operations and cybercrime trends. Read the full report.

Cortex™ SOAR is the industry's leading security orchestration, automation and response platform that unifies case management, automation, real-time collaboration, and threat intel management to serve security teams across the incident lifecycle.

Learn how to adopt SD-WAN and get consistent performance without sacrificing security or adding needless complexity to your branches. Our experts present SD-WAN best practices to help you ensure consistent security at the branch, implement end-to-end high performance and simplify secure SD-WAN adoption.­

Cortex XDR detects command and control, lateral movement, data exfiltration, and malware activity by profiling behavior and detecting anomalies.

Palo Alto Networks (NYSE: PANW), the global cybersecurity leader, today introduced Cortex™ XSOAR, an extended security orchestration, automation and response platform that empowers security...

A detailed explanation of how the two most common AutoIT decompilers - Exe2Aut and myAut2Exe - work and how they can be tricked into decompiling a decoy script.

Palo Alto Networks (NYSE: PANW), the global cybersecurity leader, announced today that members of its management team will be presenting at the following financial community event: Morgan Stanley...

Brad Duncan is back with a new Wireshark tutorial. This one examines a recent infection of Qakbot (AKA Qbot), which is an information stealer, so security pros can better understand its traffic patterns for detecting and investigating in the future.

This guide defines a workload within the scope of the solution and provides a feature comparison between the Enterprise Edition and Business Edition.

Public cloud firewalls - sometimes referred to as virtual firewalls - are virtual network security devices deployed in public cloud environments.

Stay Up to Date on Your Upgrade ProcessWe recently announced Cortex XDR™ 2.0, a significant advancement that unifies Traps™ endpoint protection and Cortex XDR into one platform for unrivaled security and operational efficiency.

SCADA and Industrial Control Systems experience unprecedented levels of agility, speed, and cost savings with the adoption of information technology and increased connectivity to supporting networks. However, with this modernization have also come undesired IT vulnerabilities and other threat vectors which are increasingly being exploited by malicious actors. The need for improved security in ICS has never been higher and has become a board-level issue for many organizations. In this paper Mario Chiock, Cybersecurity & Disruptive Technology Executive Adviser and Del Rodillas Senior Manager, SCADA and Industrial Controls Cybersecurity go through the nine core capabilities that define this 21st century security platform for industrial control systems.

As you may be aware, there’s money to be made on the internet. The question, of course, is how. Not everyone has the reality-distortion skills to start their own tech unicorn, or the Stanford connections to become an early employee there, or the indifference to sunlight necessary to become a world-class Fortnite gamer.

Thousands of servers could be exposed to SharePoint vulnerability CVE-2019-0604, recently used in cyberattacks against Middle East government targets.

Here’s a look at 20 cloud security vendors that have taken on the migration, compliance and governance challenges in the cloud computing space.

A spear-phishing campaign targeted a U.S. government agency for several months last year using emails with content about North Korea geopolitics as a lure, according to an analysis from Palo Alto Networks' Unit 42.

This post is based on additional findings from the Unit 42 Cloud Threat Report which shows how misconfigured Docker registries could leak confidential data, lead to a full-scale compromise, and interrupt the business operations.

Hunt down and stop stealthy attacks by unifying network, endpoint, and cloud data

Unit 42's detailed analysis of sensitive data exposed in GitHub repositories and the immediate need to shift how teams within enterprises discover and remediate issues earlier.

Executive summary for the Spring 2020 Cloud Threat Report details insecure IaC templates, unencrypted databases, and logging issues. Read for details.

Executive summary for the Spring 2020 Cloud Threat Report details insecure IaC templates, unencrypted databases, and logging issues. Read for details.