Displaying 2611 to 2640 of 9215

Palo Alto identifies malware that infects iPhones - even those that have not been jailbroken

Unit 42, the Palo Alto Networks research unit, has identified a new trojan capable of infecting iOS devices that have not been jailbroken, that is, devices whose operating system has not been unlocked to install software not authorized by Apple. Called "AceDeceiver", the malware currently affects Apple users in China.

  • 0
  • 400

Version 3.3.8 Released on March 17th 2016

Fixes: Checkpoint Exclusion Groups. Reviewed and fixed. OUTPUT-API: Subinterfaces were not added into Panorama templates. Sub Atomic calls for Network profiles were incorrectly generated. Ike Gateways. The Ike crypto profile was not added correctly. Filters. The whole policy filters language has been reviewed and now works as expected. Zone Grid.

alestevez,
  • 0

THE POLLS ARE OPEN: VOTE FOR THE CYBERSECURITY CANON (Week 6)

Week 6 of voting is now open for this year’s inductees into The Cybersecurity Canon. To get you ready for the upcoming March Madness, we’re shaking things up and doing voting bracket competition style! Here’s how it works:

Rick Howard,
  • 358

Connect to Protect: CSO Thoughts from RSA 2016

The theme of this year’s RSA Conference was “Connect to Protect,” promoting connections among the information security community, IT and other parts of the enterprise, and private and public sectors. It was the 25th annual event, which saw 40,000+ attendees and more than 550 vendors in the expo hall showing off their wares. Over a number of days, keynotes from industry leaders addressed the need to do something different. Debates focused on the Internet of Things, industrial control systems, encryption, artificial intelligence and machine learning, crowdsourcing, and more, with many …

Sean Duca,
  • 437

Available Now: March Madness Custom App-IDs

The annual college basketball frenzy known as March Madness is in full swing. Brackets are feverishly pored over, office pool picks are made and men and women alike argue about the existence of the next “Cinderella”. And then it starts: the passionate tracking of your picks.

Matt Keil,
  • 845

Apple 'AceDeceiver' DRM Flaw Allows Malware To Install Itself On Non-Jailbroken iPhones

Security researchers from Palo Alto Networks uncovered a new iOS malware family that takes advantage of vulnerabilities in Apple’s DRM software and can infect non-jailbroken devices. The researchers called the malware “AceDeceiver.”

  • 0
  • 411

iOS Malware "AceDeceiver" Exploits Flaw in Apple DRM

Researchers have discovered a new iOS malware family that abuses design flaws in Apple’s FairPlay digital rights management (DRM) technology to infect devices, even ones that haven’t been jailbroken.

  • 0
  • 407

This Nasty New Malware Can Infect Your Apple iPhone or iPad

Apple’s mobile operating system just got a nasty bug. Researchers from the cybersecurity firm Palo Alto Networks said on Wednesday that they discovered new malware that can infect Apple iOS devices even if they aren’t jailbroken.

  • 0
  • 456

'AceDeceiver' iPhone Malware Uses Pirate Skills To Sneak Past Apple Security

A unique kind of iPhone malware has been uncovered, exploiting design flaws in Apple’s FairPlay digital rights management (DRM) protection mechanism. Unlike most strains of iOS malicious software, the so-called AceDeceiver works on non-jailbroken iPhones.

  • 0
  • 425

AceDeceiver: First iOS Trojan Exploiting Apple DRM Design Flaws to Infect Any iOS Device

We’ve discovered a new family of iOS malware that successfully infected non-jailbroken devices we’ve named “AceDeceiver”. What makes AceDeceiver different from previous iOS malware is that instead of abusing enterprise certificates as some iOS malware has over the past two years, AceDeceiver manages to install itself without any enterprise certificate at all. It does so by exploiting design flaws in Apple’s DRM mechanism, and even as Apple has removed AceDeceiver from App Store, it may still spread thanks to a novel attack vector. AceDeceiver is the first iOS malware we’ve …

Claud Xiao,
  • 0

Industrial Control Systems

The Security Reference Blueprint for Industrial Control and SCADA Systems provides a framework in which Owner/Operators can protect these critical systems from compromise, rationalize the scope of compliance, and more, using the core capabilities of Palo Alto Networks next-generation security platform.

  • 0
  • 1129

Enable High Availability

With the emergence of an application-driven economy and the persistent risk of cyberattacks, enterprises large and small are finding it critical to maintain highly available and continuous next-generation security protection for their network infrastructure.

  • 1
  • 1243

How to Submit a Vulnerability Signature False Positive

Overview: When submitting a vulnerability false positive report, preemptively gathering data to attach to the case will result in a quicker turnaround time. Vulnerability false positives are handled differently than virus false positive reports; while virus false positive investigations usually involve inspection of the offending file, vulnerability false positives

rcole,
  • 0

How to Submit an Anti-Virus False Positive

When submitting a virus false positive report, preemptively gathering data to attach to the case will result in a quicker turnaround time.   Collecting a full sample to submit is useful for analysis, as it is fully possible an antivirus signature can trigger for a similarly structured sample as the

rcole,
  • 0

Traceroute dropped by the firewall due to specific Zone Protection settings

Symptoms: This article discusses the issue of traceroute being dropped by the firewall due to application of a 'Zone Protection' profile with specific options. Traceroute failing to show any hops between the source and destination except the destination, the firewall and the hops preceding the firewall:

syadav,
  • 0

Customer Spotlight: Top UK Research University Gets Future-Proof Solution for Bandwidth and Security Needs

Founded in 1862, the University of Southampton in Southampton, England is a research-intensive university with over 23,000 students, and is a founding member of the Russell Group of elite British universities. It is one of the leading entrepreneurial universities in the United Kingdom, and is regularly ranked among the top 100 universities in the world. The University of Southampton wanted to gain visibility and control over content and users to heighten security, and increase throughput to improve network responsiveness and enable new services. To accomplish this, the institution selected …

Rae Harrison,
  • 385

The Power of Palo Alto Networks Threat Prevention Across the Cyberattack Lifecycle

I recently shared examples of how App-ID and User-ID can dramatically reduce the attack surface and provide granular controls to allow exactly what traffic you want on your network. Permitting traffic based on specific applications and users will allow for least privilege controls. This least privilege model also applies to attackers, reducing the potential ways for the attacker to infiltrate and exfiltrate the network. All of the permitted traffic that gets through needs to be inspected for malicious activity that can be categorized as known and unknown. Known malicious activity …

Stephen Perciballi,
  • 0

Now Available: Open-Sourced AutoFocus Python Client Library

Palo Alto Networks is proud to announce the public release of a Python client library for interacting with our AutoFocus API. AutoFocus was released last year to provide actionable threat intelligence and prioritized alerts for organizations by combining data collected from thousands of WildFire customers, Unit 42 threat research, and other cyber security intelligence feeds drawn from vendor and other third party partnerships. For many of you currently subscribed to AutoFocus, previous interaction with the service may have been purely through our user interface and alert notifications. However, it is …

Ben Small, Russ Holloway,
  • 778

Tips & Tricks: Changing default behavior for TCP control flags

In certain scenarios, an external server, service, or appliance may send a FIN or RST packet, but rather than immediately close the session, the session will remain open for a longer-than-expected time.   In PAN-OS 6.0, the default timer for a session to be closed after receiving a FIN/RST packet

reaper,
  • 0

Getting Started: Log forwarding

What more can my firewall do? Forward log files and reports—   In some situations, it might be useful to send logs to a Security Information and Event Management (SIEM) software product, log correlation product, Panorama centralized management, or simply receive an email when a certain event occurs.   On

reaper,
  • 0

MT 3.3.7a - From CheckPoint to PaloAlto - vsys1 statement is missing on subinterfaces

Hi, when we merge interfaces from CheckPoint to Palo Alto base and generate XML output, all the subinterfaces are missing the vsys1 statement. However, the "native" interfaces are OK. Workflow we use in MT 3.3.7a: - Import CheckPoint - map interfaces to Palo Alto statements - merge (drag'n'drop) to

slangsvold,
  • 0

Building a 'cyber photofit' of attackers

One of the most common concerns at the moment is the shortage of cyber security skills. Most companies simply don't have enough skilled staff to manage their cyber security challenges, which are only set to increase as technology usage grows and attacks continue to multiply.

  • 0
  • 441

DotW: SSLv2 Weak RSA Cipher Detected - DROWN vulnerability

Lately we've seen more activity in the community about the SSLv2 Weak RSA Cipher Detected - DROWN Vulnerability issue recently discovered.   The following discussion starter from member santonic asks if PA covers the Drown attack.   Does Palo Alto Networks detect the DROWN attack/vulnerability?  This is a common question being posted

jdelio,
  • 0

Digital Quartermaster Scenario Demonstrated in Attacks Against the Mongolian Government

Unit 42 has collected multiple spear phishing emails, weaponized document files, and payloads that targeted various offices of the Mongolian government during the time period of August 2015 and February 2016. The phishing emails and document files leveraged a variety of geopolitically sensitive subject matters as attractive lures, such as events in Beijing, the Dalai Lama, North Korea relations, the Zika virus, and various legitimate appearing announcements. As we began to analyze and tear down the various samples we collected, we found significant overlaps with previously reported and documented adversary groups, …

Josh Grunzweig, Robert Falcone, Bryan Lee,
  • 0

Tech Tips User-ID

Read our best practices for deploying user-based policies on your Palo Alto Networks Next-Generation Firewall and tips for a smooth and successful implementation.

  • 3
  • 1076

DotW: Update Checks

In this week's Discussion of the Week (DotW), we're taking a closer look at a challenging question posted by Community member xandout about upgrading PAN-OS. Again, the Community rallies 'round and is able to offer some advice and workarounds.     Member xandout asks about update checks behaving strangely resulting in an

kiwi,
  • 0

KeRanger - Executive Advisory Report

On March 4, 2016, Unit 42, the Palo Alto Networks® threat intelligence team, identified the first ever fully functional ransomware targeting Mac® OS X® users.

  • 0
  • 918

Southern Cross Hospitals

Southern Cross Hospitals is New Zealand’s largest network of private surgical hospitals. To consistently deliver excellence in health services, Southern Cross Hospitals relies on a high performing, highly available information network to connect facilities across the country. By installing Palo Alto Networks Next-Generation Security Platform, Southern Cross Hospitals updated its security infrastructure to prevent sophisticated attacks, such as zero-day exploits, from compromising critical hospital systems.

  • 0
  • 773

New Zealand Hospital System Prescribes Palo Alto Networks Next-Generation Security Platform for Healthy Network Security

Palo Alto Networks® (NYSE: PANW), the next-generation security company, today announced that Southern Cross Hospitals, New Zealand’s largest network of private surgical hospitals, have selected the Palo Alto Networks Next-Generation Security Platform to improve Internet performance and site resilience for its healthcare facilities while maintaining centralized control to ensure the highest levels of network security.

Santa Clara
  • 0
  • 669

PAN-OS 7.1 User-ID enhancements

User-ID is a key component in any successful Palo Alto Networks offering or solution. Palo Alto Networks improves the way User-ID works in PAN-OS 7.1 through three key enhancements: User-ID redistribution, User-ID configurable Ignore User List, User-ID Group Capacity Increase. User-ID redistribution. Issue: On PAN-OS 7.0, a firewall

jdelio,
  • 1