Hi all, do you know of any sample about integration with MISP (Malware Information Sharing Platform)? Another question is about scripts: can I launch a script to config a new prototype? If I've created a new prototype I set a url option...can I set the url option for
No need to use Bothans to do anything for you. They die too easily anyway! GlobalProtect delivers security to any user, any device, anywhere. Even to Bothans! GlobalProtect network security for endpoints extends the protection of next-generation security to the mobile workforce in order to stop targeted cyberattacks, evasive
Following all the requirements for proxy configuration - https://live.paloaltonetworks.com/t5/MineMeld-Discussions/Minemeld-with-Proxy/m-p/77356/highlight/true#M85 I can perform a curl request, for example curl https://www.spamhaus.org/drop/edrop.txt and get back a response. /etc/default/minemeld is configured with the proxy settings as well as /etc/environment. But still getting an error: 2017-02-20T00:04:30 (212)basepoller._poll ERROR: Exception in polling loop for spamhaus_DROP:
Palo Alto Networks C-levels state at the RSA Conference that security strategies need to be guided by visibility, and point to the integration of technologies as the best ally in combating cybercrime
Security platforms with open application programming interfaces (APIs) are set to turn the business model for the information security on its head, according to Mark McLaughlin, president and CEO of Palo Alto Networks.
A tremendous amount of healthcare data will be moved to the Amazon Web Services and Microsoft Azure clouds for either private or public use in 2017. It makes sense, because hospital leaders are of the mindset that they prefer to be in the business of treating patients, rather than managing data centers.
WE LOVE WHAT WE DO TOGETHER We celebrated love this week. Millions of people throughout the world observed Valentine's Day, giving acknowledgement and attention wherever due or desired. We echo the sentiment here in the Live Community with a resounding community rally of 'We too!' While still swooning in
So far I'm using MineMeld to pull Dshield and Spamhaus feeds to use to block inbound connections to our internet facing servers. Whilst there are loads of miners I'd love to know which ones people have found "safe" enough to use on production inbound and outbound traffic/rules and how much
Phishing and credential-based attacks have proven to be one of the most effective means of penetrating an organization. Attackers utilize various password-theft techniques to breach organizations, compromise their networks and steal critical data. There are two elements of a credential-based attack: credential theft and credential abuse.
In 2016, from September through November, an APT campaign known as “menuPass” targeted Japanese academics working in several areas of science, along with Japanese pharmaceutical organizations and a US-based subsidiary of a Japanese manufacturing organization. In addition to using PlugX and Poison Ivy (PIVY), both known to be used by the group, they also used a new Trojan named “ChChes” by the Japan Computer Emergency Response Team Coordination Center (JPCERT). In contrast to PlugX and PIVY, which are used by multiple campaigns, ChChes appears to be unique to this group. An …
I have rewritten the available YouTube Miner (https://github.com/PaloAltoNetworks/youtube-miner) since it only mines the first 30 Videos from a user. It now uses the YouTube API (so you need an API Key) and it mines all videos in a playlist (playlist ID required). These two variables are set via the
Using MineMeld TAXII output nodes and the IBM QRadar Threat Intelligence app, it is possible to populate IBM QRadar reference sets with threat intelligence indicators processed by MineMeld. Reference sets can then be used in IBM QRadar rules to detect suspicious activities. After installing the IBM QRadar Threat Intelligence app (available on IBM
I am trying to create an IPv4 indicator list based on PAN-OS threat logs. Below is the rule code attached to the syslogminer class stdlib.syslogMiner. RULE: age_out: default: last_seen+30d interval: 1800 sudden_death: false attributes: confidence: 50 type: IPv4 conditions: - type
Distributed Denial of Service (or DDoS for short) attacks are all too common in today's internet of things. It's very cheap to rent (yes, people are renting infected machines!) an army of infected hosts (including infected refrigerators and home thermostats!) to lay siege to a network of your choosing.
Hi, with the release of PAN-OS 8.0, AutoFocus will have a MineMeld built in. May I know if we can have an on-premise MineMeld fetch the feeds from the AutoFocus MineMeld? I tried to grab the MineMeld feeds but it shows me unauthorized access. Do
Hackers have probably had a harder time slipping past your security software, thanks to an alliance between some of the top vendors in the industry. The Cyber Threat Alliance, a group of security firms that often compete, says its efforts to share intelligence on the latest hacking threats have been paying off.
Even the most advanced malware analysis environment could potentially be circumvented by a sufficiently advanced attacker. From a technology perspective, it has never been a better time to be in the cyberattack business. Thanks to the common availability of attack tools in the underground marketplace, today’s adversaries don’t require the technical know-how to develop malware.
As-a-service offerings for things such as DDoS and malware -- including ransomware -- via exploit kits have seriously lowered the bar for entry into the criminal market. Hackers no longer need to have sophisticated skills in order to gain entry into the world of cybercrime. Scott Simkin weighs in.