Safely enable web access while providing protection against malware or phishing sites is of the utmost importance to organizations today.

3 Important updates for Palo Alto Networks NextWave partners

Unit 42 investigates the latest trends in web-based threats.

File Hash: 127259300f4786c1f615be658d236aa875a9dc20fc0be4b5f9cdc637ba058622 Link to Virustotal report for the file: https://www.virustotal.com/#/file/127259300f4786c1f615be658d236aa875a9dc20fc0be4b5f9cdc637ba058622/ Current VirustTotal Verdict: generic.ml Description: This exe has been built by ourself, we are the publisher of the file. We are sure this is a false positive detection.  

Hello,   Has anyone else ran into the occourance where the set commands (specfically for secuirty policies) are missing? The Secuirty/NAT policies are indeed in the XML. When I try to go ahead an regernate the XML and set output I get an error saying "aborted".    

Hey Everyone,   Looking to get Expedition in Azure specifically.  I see details on creating an ovf, but looking for steps for building this in Azure.   I know that MS has a converted for OVF also, but am worried about double conversions.   Any help is appreciated and Thanks!

Terraform Provider Version 1.2.0   The Palo Alto Networks Terraform provider, panos version 1.2.0 has been released! This release includes some requested enhancements as well as some new resources.   The updated documentation for the panos provider can be found here.   Features   New Resource: panos_telemetry New Resource: panos_security_policy_group [GH-20]

Why it's important for CISOs to incorporate regional laws into cyber strategy.

Phishing: the attempt to obtain sensitive information (such as usernames, passwords, and credit card information, etc.), by presenting oneself as a trustworthy entity.   Between January and March of 2018, Unit 42 has uncovered over 4000 URLs from over 250 domains used in phishing attacks. Over half of these domains

SYDNEY, Australia, 19 June 2018 – Palo Alto Networks® (NYSE: PANW), the global cybersecurity leader, today announced the opening of its Sydney Cyber Range as the newest facility in its global Cyber Range initiative.

Unit 42 uncovers over 4,000 URLs from 262 unique domains used in phishing attacks between January and March of 2018.

Hi Experts,   I’m testing with Splunk but, I got a problem about deduplicate. I’ve been input different 1000 indicators of IPv4 after deduplicate, there is 750 indicators of IPv4. below one IP address has a different value but, after deduplicate, I can see only one indicator. My expectation is

Catch up on the latest Palo Alto Networks news of the week.

Overview of the Resident Engineer program, which provides you with extended on-site resources for deploying and using the Palo Alto Networks next-generation firewall.

Dig into this week's NextWave Partner Channel Scoop.

Palo Alto Networks (NYSE: PANW) has added Richard Ledgett, former deputy director at the National Security Agency, and Christopher Painter, former top cybersecurity official at the State Department, to its public sector advisory council to help shape the company’s cyber strategy and offer advice on security and technological needs of government clients.

Hi to all.   With the newest Minemeld version (0.9.48) i have this error related to a STIX/TAXII feed that up to the update was working fine:   AttributeError: 'module' object has no attribute 'set_id_namespace'.   Is there a way to downgrade MineMeld?   Thank you in advance. N.    

Dear all,   today my Taxii Output stopping working, in minemeld-engine.log i see these errors:   2018-06-15T13:23:33 (24179)actorbase._actor_loop ERROR: CyberSOC-taxiiDataFeed-Test - error executing ActorCommand(command='update', kwargs_={u'source': u'MISP_CyberSOC_anyEvents', u'indicator': u'https://pastebin.com/v10rKA6d', u'value': {u'confidence': 70, u'last_seen': 1529056265701L, u'misp_event_tags': [u'family:njRAT', u'type:RAT', u'platform:Windows', u'tlp:green', u'admiralty-scale:source-reliability="a"'], u'misp_event_uuid': u'5b227613-8984-408b-b375-56c5ac110002', u'type': u'URL', u'misp_attribute_uuid': u'5b227617-dfac-4d8c-89c1-55d7ac110002', u'share_level': u'green', u'sources': [u'misp.test'], u'misp_attribute_comment':

Hello team!   I hope you are doing alright. Currently, I am trying to add a customized miner prototype and while creating it in the /opt/minemeld/local/prototypes/ folder, I am not able to see in added in the GUI.   What could be the problem here?   Thanks in advance!   Best

Hi I'm going to migrate Checkpoint firewall to existing Palo Alto Networks deployment and I'd like to use objects already existing in Panorama. I've connected Panorama and imported Checkpoint config to one project. I'd like to add Checkpoint config and objects to new Device Group and use existing shared objects

Next hurdle - When I am trying to import a set of RE rules, I select what I want, the specific sections I want, etc, and hit Import, and the status at the bottom of the box says "Pending...". What is the status/log file to monitor for that process? /tmp/error_SecRulesEnrich

Palo Alto Networks® (NYSE: PANW), the global security leader, today announced the addition of three distinguished cybersecurity leaders as advisers to provide guidance on the security challenges...

Anyone have a problem with, when you try to do rule enrichment on a rule(s) that is marked for RE, when you click on "Analyze Data" it says "no rules selected for learning"?  

Introducing Traps for Android: detection and prevention to Android endpoints.

Learn more about our custom App-ID for the 2018 FIFA World Cup.

Palo Alto Networks said Thursday it has brought onboard three former top federal cybersecurity officials to advise the company on security and technology trends in both the U.S. and international government sectors.

Hi PaloAlto, One of our files, BA003.exe (md5 5fcec23f3a287e118af4a73966dc796d) is being flagged as generic.ml. Can I ask you to review and reassess the detected file in the context of the installer that uses the file, rather than as a stand-alone file, with the aim of removing BA003.exe from detection? Detected

Hello, i'm trying to migrate from Juniper ssg config, and on the dashboard i see 1030 duplicated addresses. However i was not able to remove them before exporting to xml PA config. Any tips to do it? i searched alot, but saw no suitable solution. I use the latest expedition

Historically some malformed or irregular packets that were discarded by a zone protection profile or built in protection (like LAND attacks) would only increment a global counter to indicate an action was taken. This made troubleshooting such occurences, or logging for auditing and compliancy, a little more tedious.   Starting

Security researchers at Palo Alto Networks Inc. have published a new report stating that there has been a massive surge in cryptomining malware, having discovered 629,126 cryptomining malware samples recently, with the vast majority mining for Monero.