Corporate Blogs

Combating Ransomware Attacks: Insights from Unit 42 Incident Response
Ransomware attacks have evolved over the years from a threat primarily targeting individuals with modest ransom demands, to a sophisticated form of cy...
Sep 28, 2023
Data — The Lifeblood of Security and Detection Engineering
In episode 5 of “This Is How We Do It,” Peter Havens from Cortex product marketing and Isaac Krzywanowski, staff security engineer at P...
Sep 12, 2023
Made for Taiwan: New Palo Alto Networks Cloud Location Includes Cortex
Palo Alto Networks is proud to announce a new cloud location in Taiwan, bringing Cortex XDR, Xpanse, XSOAR, and XSIAM to customers in the country. This is a testament to Palo Alto...
Sep 07, 2023
NextWave Cloud Service Provider Path — Breakaway 1=5
Amid hybrid work and an accelerated shift to the cloud, the use of cloud environments has become the new norm. At Palo Alto Networks, we have seen our Cloud Service Provider (CSP)...
Sep 07, 2023
From Cybersecurity Webmaster to CISO
Charting the course of my career, transitioning from a cybersecurity webmaster to chief information security officer (CISO), has given me unique insights (and scars) into the multifaceted nature of cybersecurity. Where preven...
Sep 06, 2023
Palo Alto Networks Empowers MSPs with Prisma SASE Enhancements
The Only Leader in Single-Vendor SASE. Period.
Palo Alto Networks has been recognized as the sole Leader in the Gartner® Magic Quadrant™...
Aug 21, 2023
SEC Rule Sparks Reimagining of Cybersecurity Operations
The U.S. Securities and Exchange Commission (SEC) has placed cybersecurity at the center of public company governance with its new cybersecurity incident reporting rule. Companies...
Aug 17, 2023

Network Security Blogs

Always Innovating: Cloud Native Security for Azure, AWS & GCP
Always Innovating: Innovations in Cloud Native Security for Azure, AWS and GCP. Welcome to the September 2023 edition of Always Innovating in Network Security.
Sep 27, 2023
Just Released and Ready for Download — Software Firewalls for Dummies
If you want to protect applications and workloads throughout today’s complex and interrelated environments, you need software firewalls. But, what exa...
Sep 19, 2023
Get Ready for Google Cloud Firewall Plus, Network Integration Ease
Are you seeking more simplicity and choice to secure your applications and workloads in Google Cloud? You’re not alone. Too often the need to secure applications built and deployed in the cloud — or being moved...
Aug 29, 2023
Always Innovating: Advanced Threat Prevention and Software Firewalls
Following our strong Fiscal Year 2023 financial results, we bring you the August 2023 edition of Always Innovating in Network Security. In this edition, we share our latest innovations in Advanced Threat Preven...
Aug 22, 2023
Cloud NGFW for AWS Integrates with Panorama
Now there’s yet another reason to deploy Cloud NGFW for AWS. The managed cloud firewall service — which provides best-in-class security with AWS cloud native ease of use — is now integrated with the Panorama™ m...
Aug 07, 2023
Prisma Access & Cloud Dynamic User Groups Find Risky Users
Prisma Access, the cloud-delivered security service edge platform from Palo Alto Networks, expands ZTNA 2.0 coverage to Microsoft Azure AD with Cloud...
Aug 04, 2023
Cloud NGFW for Azure Now Generally Available
We reached a big milestone for our customers with applications in the Azure public cloud. Two months ago, we launched the public preview version of Cloud NGFW for Azure, a managed next-generation firewall (NGFW...
Aug 01, 2023
Securing your Branches with Zero Compromise
This blog is part of the “Branch of the Future” series where we take a closer look at the four key tenets that next-generation SD-WAN and SASE provide to deliver a branch network that is digital-first, secure a...
Jul 28, 2023

SASE Blogs

Use AI/ML to Fully Monetize Your Managed SD-WAN Solutions
Managed service providers (MSPs) globally find themselves in a challenging environment where intense competition and the commoditization of bandwidth have increasingly made it difficult to achieve and maintain...
Sep 07, 2023
Meet AI-Powered Prisma SASE at SASE Converge 2023
Whether it’s helping us write a book or predict the likelihood of developing certain diseases, artificial intelligence (AI) has the opp...
Sep 13, 2023
Palo Alto Networks Empowers MSPs with Prisma SASE Enhancements
Introducing Prisma Access Colo-Connect for Private App Access
The Only Leader in Single-Vendor SASE. Period.
Palo Alto Networks has been recognized as the sole Leader in the Gartner® Magic Quadrant™...
Aug 21, 2023
Introducing Email DLP: AI-Powered Data Protection for Email
With hybrid work as an established trend, employees increasingly rely on digital tools like email applications to collaborate and get w...
Aug 18, 2023
Zero Trust Edge — Forrester Names Palo Alto Networks a Leader
Today, Palo Alto Networks was named a Leader in The Forrester Wave™: Zero Trust Edge Solut...
Aug 16, 2023
The Rise of AI-Powered SASE and Digital Experience Monitoring: EMA Report Summary
In partnership with EMA, we’ve published a report “The Rise of AI-Powered SASE and Digital...
Aug 10, 2023

Cloud Native Security Blogs

Securing Your Metadata from Cloud Heists with Prisma Cloud’s Attack Path Policies
Many businesses today rely on cloud computing, and AWS is a significant player in this space. Using AWS, though, can be tricky. If not set up correctl...
Sep 26, 2023
Zero Trust Security Model in Cloud Environments
The traditional network security model has long relied on a simple yet increasingly outdated concept — the secure perimeter. The secure perimeter approach assumes everything inside a network is inherently trust...
Sep 21, 2023
The GitHub Actions Worm: Compromising GitHub Repositories Through the Actions Dependency Tree
Learn how a novel attack vector in GitHub Actions allows attackers to distribute malware across repositories using a technique that exploits the actio...
Sep 14, 2023
OpenID Connect: Let’s Talk Security
OpenID Connect (OIDC) is a modern authentication and authorization protocol built on top of the OAuth 2.0 framework. OIDC enables secure and standardized authentication in applications, particularly web and mobile applications.
Sep 12, 2023
GigaOm Names Prisma Cloud a CSPM Leader, Second Consecutive Year
Moving to the cloud comes with technical complexities — security being one. Addressing the misconfigurations and risks contributes to this complexity,...
Aug 31, 2023
Unpinnable Actions: How Malicious Code Can Sneak into Your GitHub Actions Workflows
In today’s post, we look at action pinning, one of the profound mitigations against supply chain attacks in the GitHub Actions ecosystem. It turns out, though, that action pinning...
Aug 30, 2023
New Innovation Insight: CIEM Report from Gartner®
As the cloud continues to dominate the operating landscape, it has also revolutionized identity and access management, giving rise to new challenges — particularly with the proliferation of identities required...
Aug 23, 2023
Elevate Cybersecurity with PRISMA IDs
In the cybersecurity maze, finding and addressing vulnerabilities is like chasing shadows. Every point of weakness opens a door to potential threats. While many organizations rely on the CVE system to identify...
Aug 22, 2023

Security Operations Blogs

Artificial Intelligence — Beyond the Algorithms
In Episode 6 of “This is How We Do It,” Peter Havens, from Cortex product marketing, continues the interview series. He sits down with Yoni Allon, VP Research, to discuss how Palo...
Sep 26, 2023
Palo Alto Networks Leads the Pack in KuppingerCole's ASM Leadership Compass
We are thrilled to announce that Cortex® Xpanse™ from Palo Alto Networks has been recognized as the leader of leaders in the recent attack surface management (ASM) market evaluatio...
Sep 21, 2023
Playbook of the week: Uncover Your RDP Secrets
Remote Desktop Protocol (RDP) is a proprietary protocol developed by Microsoft which provides a user with a graphical interface to connect to another computer over a network connection. The user employs RDP client software, w...
Sep 21, 2023
ONLY Cortex Delivers 100% Protection and Detection in MITRE Engenuity
The results of the fifth round of the MITRE Engenuity ATT&CK Evaluations have been rel...
Sep 20, 2023
Playbook of the Week: Cloud Token Theft Response
Cloud computing's scalability, adaptability, and cost-efficiency have seen businesses increasingly utilize these services. Nevertheless, with the growth of cloud services come new...
Sep 14, 2023
Cybersecurity Insights: Upcoming Events with the Threat Research Team
Our Threat Research team at Palo Alto Networks is actively sharing their intelligence and findings on the global stage in some upcoming...
Sep 13, 2023
Data — The Lifeblood of Security and Detection Engineering
In episode 5 of “This Is How We Do It,” Peter Havens from Cortex product marketing and Isaac Krzywanowski, staff security engineer at P...
Sep 12, 2023
Made for Taiwan: New Palo Alto Networks Cloud Location Includes Cortex
Palo Alto Networks is proud to announce a new cloud location in Taiwan, bringing Cortex XDR, Xpanse, XSOAR, and XSIAM to customers in the country. This is a testament to Palo Alto...
Sep 07, 2023

Unit 42 Threat Research

CL0P is distributing ransomware data via torrents. We investigate this new method, including seeds we’ve tracked — disguising victims with Pokemon. Catch th...
September 29, 2023
Threat activity targeting a Southeast Asian government could provide insight into the workings of APT Gelsemium. We examine the rare TTPs we observed in two att...
September 22, 2023
APT Stately Taurus (aka Mustang Panda) conducted cyber espionage against a Southeast Asian government, including data exfiltration from compromised networks....
September 22, 2023
We analyze waves of attacks on a Southeast Asian government linked to Alloy Taurus. By exploiting exchange servers, the attackers established a foothold for lon...
September 22, 2023
We investigate espionage attacks on a Southeast Asian government. Initially considered a single actor, it was in fact three separate threat actor clusters. Each...
September 22, 2023
A phony proof-of-concept (PoC) code for CVE-2023-40477 delivered a payload of VenomRAT. We detail our findings, including an analysis of the malicious code....
September 19, 2023
A threat assessment of Turla (aka Pensive Ursa) breaks down this Russian-based APT's arsenal and techniques used, covering the top 10 active malware employed....
September 15, 2023
By  Unit 42
Muddled Libra uses the 0ktapus phishing kit, among other advanced tactics. We detail our observations of their activity using the MITRE ATT&CK framework....
September 15, 2023
