Cybercrime State-backed hackers hammer Palo Alto firewall zero-day before patch lands Internet-facing PAN-OS firewalls are once again doing impressions of initial access brokers
Security Palo Alto CEO says AI isn’t great for business, yet Sees little enterprise AI adoption other than coding assistants, buys Koi for what comes next
Cyber-crime Asia-based government spies quietly broke into critical networks across 37 countries And their toolkit includes a new, Linux kernel rootkit
Patches Popular Python libraries used in Hugging Face models subject to poisoned metadata attack The open-source libraries were created by Salesforce, Nvidia, and Apple with a Swiss group
AI + ML Yes, criminals are using AI to vibe-code malware They also hallucinate when writing ransomware code
Agentic AI Palo Alto Networks security-intel boss calls AI agents 2026's biggest insider threat Lock 'em down
Security Palo Alto's new Google Cloud deal boosts AI integration, could save on cloud costs SEC filings show the outfit cut projected 2027 cloud purchase commitments by $114M
Security Lifetime access to AI-for-evil WormGPT 4 costs just $220 'Ah, I see you're ready to escalate. Let's make digital destruction simple and effective.'
CSO Palo Alto kit sees massive surge in malicious activity amid mystery traffic flood GlobalProtect login endpoints targeted, sparking concern that something bigger may be brewing
Security Palo Alto CEO tips nation-states to weaponize quantum computing by 2029 Company thinks you’ll contemplate replacing most security kit in the next few years to stay safe
Research Previously unknown Landfall spyware used in 0-day attacks on Samsung phones 'Precision espionage campaign' began months before the flaw was fixed
Cybersecurity Month Beijing-backed burglars master .NET to target government web servers ‘Phantom Taurus’ created custom malware to hunt secrets across Asia, Africa, and the Middle East
Cyber-crime Stolen OAuth tokens expose Palo Alto customer data Security firm's Salesforce instance accessed using credentials stolen from Salesloft's Drift platform breach
Security Browser wars are back, predicts Palo Alto, thanks to AI CEO says if you buy all your infosec stuff from him, life under assault from bots will be less painful
Security Palo Alto Networks inks $25b deal to buy identity-security shop CyberArk The lure? Identity security and privileged access management tools to verify humans and... machines
Cyber-crime Why is China deep in US networks? 'They're preparing for war,' HR McMaster tells lawmakers House Homeland Security Committee takes a field trip to Silicon Valley
Cyber-crime Scattered Spider snared financial orgs before targeting shops in Britain, America Crew ain't done hopping sectors, Unit 42 threat hunter warns
CSO The future of AI in cybersecurity in a word: Optimistic Think of artificial intelligence as your embedded ally
Devops That massive GitHub supply chain attack? It all started with a stolen SpotBugs token But this mystery isn't over yet, Unit 42 opines
Networks Why is someone mass-scanning Juniper and Palo Alto Networks products? Espionage? Botnets? Trying to exploit a zero-day?
Security Palo Alto firewalls under attack as miscreants chain flaws for root access If you want to avoid urgent patches, stop exposing management consoles to the public internet
Networks Mysterious Palo Alto firewall reboots? You're not alone Limited-edition hotfix to get wider release before end of month
Cyber-crime Don't fall for a mail asking for rapid Docusign action – it may be an Azure account hijack phish Recent campaign targeted 20,000 folk across UK and Europe with this tactic, Unit 42 warns
CSO 1,000s of Palo Alto Networks firewalls hijacked as miscreants exploit critical hole PAN-PAN! Intruders inject web shell backdoors, crypto-coin miners, more
Patches Palo Alto Networks tackles firewall-busting zero-days with critical patches Amazing that these two bugs got into a production appliance, say researchers
CSO Mystery Palo Alto Networks hijack-my-firewall zero-day now officially under exploit Yank access to management interface, stat
Research Move over, Cobalt Strike. Splinter’s the new post-exploit menace in town No malware crew linked to this latest red-teaming tool yet
Security Palo Alto takes a big $500M bite out of IBM QRadar Big Blue also shifts to Prisma SASE to secure its 250,000 workforce
Security Palo Alto Networks execs apologize for 'hostesses' dressed as lamps at Black Hat booth Biz admits turning human women into faceless, sexualized furniture was a 'tone deaf' marketing ploy
Cyber-crime Six ransomware gangs behind over 50% of 2024 attacks Plus many more newbies waiting in the wings
Security Fighting AI fire with AI fire Palo Alto Networks reveals how AI can be harnessed to strengthen cyber security defenses David Gordon
Security Your copilot for improved cyber protection Watch this video to learn how Palo Alto Networks is using GenAI to automate and simplify cybersecurity
Security Respect your data, and protect it Hear how AI runtime security secures applications in the complete journey from design to build to run
Security Embedding AI security from the get go Watch this Palo Alto Networks keynote to understand the importance of visibility, control and governance in AI application and service development
Security Exploit code for Palo Alto Networks zero-day now public Race on to patch as researchers warn of mass exploitation of directory traversal bug
Cyber-crime Zero-day exploited right now in Palo Alto Networks' GlobalProtect gateways Out of the PAN-OS and into the firewall, a Python backdoor this way comes
Security Palo Alto investor sues over 28% share tumble Lawsuit alleges it misled investors with claims new AI products were 'facilitating greater platformization' and more
Security Tips on meeting complex cloud security challenges Learn about the benefits of applying advanced automation to policy management practices
Research New kids on the ransomware block in 2023: Akira and 8Base lead dozens of newbies How good are your takedowns when fresh gangs are linked to previous ops, though?
Cyber-crime North Korea makes finding a gig even harder by attacking candidates and employers That GitHub repo an interviewer wants you to work on could be malware
Research Cryptojackers steal AWS credentials from GitHub in 5 minutes Researchers just scratching surface of their understanding of campaign dating back to 2020
Black Hat and DEF CON Infosec imposter syndrome is real. Here's something that can help Talk about an insider threat
Security INTERSECT '23: Network Security Summit unveils cutting-edge strategies to safeguard digital assets Palo Alto Networks addresses the mounting challenges posed by sophisticated cyberthreats
Spotlight on RSA Plugging the infosec holes before the bad guys can sneak in Security posture management gets its due at RSA
Spotlight on RSA Keep calm and carry on when the supply chain goes up in flames Lessons learned from the front-line responders
Security PlugX RAT masquerades as legit Windows debugger to slip past security DLL side-loading does the trick, again
Security Want to detect Cobalt Strike on the network? Look to process memory Security analysts have tools to spot hard-to-find threat, Unit 42 says
Cyber-crime Upstart Ransom Cartel linked to REvil veterans Lesser of two REvils? There’s a relationship, say infosec bods, but not enough to say one evolved into the other
Security The agent of successful cyber security defense A two-pronged approach that combines agent and agentless tools may offer the best protection
Research Near-undetectable malware linked to Russia's Cozy Bear The fun folk who attacked Solar Winds using a poisoned CV and tools from the murky world of commercial hackware
Research Chinese-sponsored gang Gallium upgrades to sneaky PingPull RAT Broadens targets from telecoms to finance and government orgs
Security HelloXD ransomware bulked up with better encryption, nastier payload Russian-based group doubles the extortion by exfiltrating the corporate data before encrypting it.
Cyber-crime Suspected phishing email crime boss cuffed in Nigeria Interpol, cops swoop with intel from cybersecurity bods
Security Don’t expect to get your data back from the Onyx ransomware group The cybercriminals trash files larger than 2MB, forever losing them to the void
Cyber-crime REvil resurrected? Ransomware crew appears to be back. Keyword: Appears Months after arrests, gang – or someone mimicking them – now active
Patches AWS's Log4j patches blew holes in its own security Remote code exec is so 2014. Have this container escape and privilege escalation, instead
Security Microsoft details how China-linked crew's malware hides scheduled Windows tasks All so that it can maintain backdoor access across reboots
Security Unit 42: Ransomware demands we're aware of averaged $2.2m last year Conti, REvil declared most active criminal gangs
Security Ukraine invasion: This may be the quiet before the cyber-storm, IT staff warned Now is the time to be a prepper – the computer security kind
Security Palo Alto Networks patches 9.8 severity CVE in popular GlobalProtect product Arbitrary code execution by unauthenticated attacker? Big oops
Security Report sheds light on 'cocky' but 'creative' Mespinoza ransomware group Palo Alto's Unit 42 rejects claims group has shifted to ransomware-as-a-service
Security Report shines light on REvil's depressingly simple tactics: Phishing, credential-stuffing RDP servers... the usual And those multimillion-dollar payouts
Security Siloscape malware targets Windows containers, breaks through to the underlying Kubernetes cluster Using techniques Microsoft had previously considered 'not a vulnerability'
Security Miscreants started scanning for Exchange Hafnium vulns five minutes after Microsoft told world about zero-days Being slow to patch just means you'll get pwned faster
Security Scammers tried slurping folks' login details through 70,000 coronavirus-themed phishing URLs during 2020 Palo Alto Networks lays bare a year of dastardly digital doings
Security Palo Alto Networks drops $156m to absorb DevSecOps firm Bridgecrew Open-source stuff stays for now, company promises
Applications Google binned two apps by China’s Baidu, which says researchers got it wrong by linking it to personal info leaks Palo Alto Networks spotted subscriber IDs and MAC addresses on the move
Security Palo Alto Networks threatens to sue security startup for comparison review, says it breaks software EULA 'I'm not going to be bullied by someone with deeper pockets' vows Orca boss
Security If you haven't potentially exposed 1000s of customers once again with networking vulns, step forward... Not so fast, Palo Alto Networks Getting to be a real PAN in the OS
Networks US govt warns foreign hackers 'will likely try to exploit' critical firewall bypass bug in Palo Alto gear – patch now Bogus signatures may fool your corp network's gatekeeper
Edge + IoT The Internet of Things is a security nightmare, latest real-world analysis reveals: Unencrypted traffic, network crossover, vulnerable OSes And the best part of it? Hospitals are most at risk
Networks IT isn't supposed to stand for Insider Trading... Palo Alto Networks sysadmin and pals accused of $7m shares caper Techie allegedly fed secret financial info to buddies ahead of public release
SaaS Fancy a career exposing cloud data leaks? Great news, companies are still largely clueless Unit 42 crew tours the cloud security hellscape, finds admins have learned nothing
Security Org's network connect to GitHub and Pastebin much? It's a Rocke road to cryptojacking country You might also be slurping Chinese malware
Security Fancy Bear hacker crew Putin dirty RATs in Word documents emailed to govt orgs – report Disguised as files about recent Lion Air crash, no less
Networks Palo Alto Networks buys security startup Redlock for $173m Threat detection outfit gets new owners
Networks Palo Alto Networks' new boss hints at borging rivals as losses shrink And they're sitting on a giant cash pile, much to chief exec Nikesh Arora's glee
Security Palo Alto Networks rattles tin, wants $1.5bn for, er, stuff and things Loan notes to build war chest – yet firm denies it's eyeing up a fresh buyout
On-Prem Palo Alto names new CEO: Former Googler Nikesh Arora He's heard of security but groks the cloud at scale and that's what matters
Security Everybody without Android Oreo vulnerable to overlay attack 'Toast' micro-messages can burn just about every Android users
Security Recruiters considered really harmful: Devs on GitHub hit with booby-trapped fake job emails All the more reason to reject new_position_offer.docx
Security Palo Alto Networks buys LightCyber for $105m No, not the fictional energy sword, the machine learning hacker sniffer
Software ServiceNow pals up with Palo Alto and ties up with Tanium Security ops service adds more sources telling you when to panic, and how much
Security Palo Alto reveals critical bugs and March 16th patch deadline Researcher who found the flaws will reveal crim-friendly details in three weeks
Channel Palo Alto Networks boxes spray firewall creds across the net Crummy configurations to blame, Moore hardening offered as remedy
On-Prem Palo Alto Networks splashes $US200 million on Cyvera Israeli TRAPS the prize as PAN boosts endpoint protection portfolio
On-Prem Palo Alto Networks snaps up NSA-trained security company Stealthy Morta Security sniffs cash, docks with security appliance maker
