Blog
Palo Alto Networks
Threat Advisories - Advisories

Palo Alto Networks

Threat Advisories - Advisories

How Cortex Xpanse Can Identify CISA-Identified Known Exploited Vulnerabilities

In late 2021, the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (DHS/CISA) issued Binding Operational Directive 22-01 (BOD 22-01), which introduced a list of Known Exploited Vulnerabilities (KEVs) that threat actors have exploited. Cortex Xpanse can help users to find potentially-impacte...

Product Features

Secure the Enterprise

Threat Advisories - Advisories

Tip of the Week

Mar 22, 2022

By Cyrus Revand

Palo Alto Networks

Products and Services

Partners

Cybersecurity, Threat Advisories - Advisories

Palo Alto Networks Researcher Discovers 3 New Critical IE Vulnerabilities

Palo Alto Networks researcher Tao Yan is credited with the discovery of three new critical Microsoft vulnerabilities in June‘s bulletin -- CVE-2016-32...

Jun 14, 2016

By Ryan Olson

Application Advisory/Analysis, Malware, Mobility, Threat Advisories - Advisories, Threat Prevention, Unit 42

Chinese Taomike Monetization Library Steals SMS Messages

Mobile app creators are often looking for ways to monetize their software. One of the most common ways to do this is by displaying advertisements to u...

Oct 21, 2015

By Zhi Xu and Claud Xiao

Announcement, Cybersecurity, Ignite, Threat Advisories - Advisories, Threat Advisory/Analysis, Vertical

Palo Alto Networks AutoFocus: Actionable Cyber Threat Intelligence Like You...

Trying to find advanced, targeted attacks can be an exercise in frustration, akin to finding a needle in a haystack. Wit...

Mar 31, 2015

By Scott Simkin

Application Advisory/Analysis, Mobility, Threat Advisories - Advisories, Threat Prevention, Unit 42

Scareware App Downloaded Over a Million Times from Google Play

We have recently been investigating an antivirus app in the Google Play store that was displaying fake virus detection r...

Jan 22, 2015

By Claud Xiao

Threat Advisories - Advisories, Threat Prevention, Unit 42

DTLS Vulnerabilities in CVE-2014-6321

Microsoft recently released a patch for a critical vulnerability in Microsoft Secure Channel (aka Schannel). This vulnerability is being referred to as MS14-066. The patch addressing CVE-2014-6321 fixed many areas within schannel.dll, inc...

Dec 10, 2014

By Jin Chen and Shengming Xu

Announcement, Cybersecurity, Threat Advisories - Advisories, Threat Prevention, Unit 42

Palo Alto Networks Addresses Bash Vulnerability Shellshock: Mitigation for ...

Around 6:00 am PST on September 24, the details of a vulnerability in the widely used Bourne Again Shell (Bash) were disclosed by multiple Linux vendo...

Sep 25, 2014

By Ryan Olson

Cybersecurity, Malware, Threat Advisories - Advisories, Threat Advisory/Analysis, Threat Prevention, Unit 42

Examining the CHS Breach and Heartbleed Exploitation

Yesterday, TrustedSec, a security consultancy based on Ohio, wrote that the recent breach at Community Health Systems (CHS) was the result of exploita...

Aug 20, 2014

By Ryan Olson

Malware, Threat Advisories - Advisories, Threat Advisory/Analysis, Threat Prevention, Unit 42

Hunting the Mutex

Mutex analysis is an often overlooked and useful tool for malware author fingerprinting, family classification, and even discovery. Far from the hypothesized "huge amount of variability" in mutex names, likely...

Aug 14, 2014

By Palo Alto Networks

Threat Advisories - Advisories, Threat Prevention, Unit 42

Backoff and Citadel Abuse Remote Access Tools

Recent events continue to highlight the abuse of remote access applications in the enterprise. Last Tuesday, Trusteer reported that a new variant of Citadel, which has long relied on VNC to give attackers remot...

Aug 04, 2014

By Rob Downs and Ryan Olson

Threat Advisories - Advisories, Unit 42

New Release: Decrypting NetWire C2 Traffic

On July 22, Palo Alto Networks threat intelligence team, Unit 42, released our first report on the evolution of “Silver Spaniel” 419 scammers. Of particular note is how these actors use a Remote Administration...

Aug 04, 2014

By Phil Da Silva, Rob Downs and Ryan Olson

Cybersecurity, Malware, Threat Advisories - Advisories, Threat Prevention, Unit 42

Is It the Beginning of the End For Use-After-Free Exploitation?

Use-after-free bugs have affected Internet Explorer for years. In the past year alone, Microsoft patched 122 IE vulnerabilities, the majority of which...

Jul 16, 2014

By Tao Yan, Bo Qu and Royce Lu

Cybersecurity, Malware, Threat Advisories - Advisories, Threat Prevention, Unit 42

Iptables Backdoor: Even Linux Is At Risk of Intrusion

A backdoor implant is an increasingly common mechanism for maintaining unauthorized access and control over a computer asset. The terms remote administration tool (RAT) and trojan...

Jul 16, 2014

By Jin Chen

Application Advisory/Analysis, Malware, Mobility, Threat Advisories - Advisories, Threat Prevention, Unit 42

SMS-Based In-App Purchase on Android Is Not Worth The Risk

In-App Purchase (IAP) has become a popular way to sell services and virtual items through mobile applications. In the An...

Jul 15, 2014

By Claud Xiao and Zhi Xu

Cybersecurity, Malware, SCADA & ICS, Threat Advisories - Advisories, Threat Prevention

Palo Alto Networks Offers Threat Mitigation for Havex, DragonFly and Varian...

Palo Alto Networks has been tracking Havex for quite a while and we’ve regularly found samples via WildFire, providing coverage via antivirus and addi...

Jul 10, 2014

By John Harrison

Cybersecurity, Firewall, Threat Advisories - Advisories, Threat Prevention

Palo Alto Networks Discovers Additional 10 Critical Internet Explorer Vulne...

Palo Alto Networks researchers discovered 10 new critical Internet Explorer (IE) vulnerabilities covering IE versions 6, 7, 8, 9, 10 and 11.

Jul 08, 2014

By Scott Simkin

Cybersecurity, Threat Advisories - Advisories, Threat Advisory/Analysis, Unit 42

The Latest Kuluoz Spam Campaign Kicks Off

At 06:47 PST on May 20 Palo Alto Networks WildFire detected the start of the latest Kuluoz spam campaign. The total number of e-mails detected quickly rose to over 30,000 per hour...

May 20, 2014

By Ryan Olson

Threat Advisories - Advisories, Threat Prevention, Unit 42

Funtasy Trojan Targets Spanish Android Users with Sneaky SMS Charges

(more…)

May 12, 2014

By Zhi Xu, Claud Xiao and Ryan Olson

Cybersecurity, Threat Advisories - Advisories, Threat Prevention, Unit 42

A Tale of 3 Vulnerabilities, CVE-2014-1776 Exploit Linked to Previous Attac...

Late last month reports surfaced that a new Internet Explorer vulnerability (CVE-2014-1776) was being exploited in targeted attacks. The vulnerability...

May 02, 2014

By Bo Qu

Cybersecurity, Threat Advisories - Advisories, Threat Prevention, Unit 42

Palo Alto Networks Protects Customers From Critical IE Vulnerability CVE-20...

On Saturday, Microsoft disclosed a critical vulnerability in Internet Explorer, CVE-2014-1776, affecting Internet Explorer versions 6 through 11. The...

Apr 29, 2014

By Scott Simkin

Malware, Mobility, Threat Advisories - Advisories, Threat Prevention, Unit 42

Cardbuyer: New Smart Android Trojan Defeats Multi-factor Verification and S...

On April 21st our WildFire analysis cloud detected a new Android Trojan, which is currently completely undetected in VirusTotal and uses a new combina...

Apr 24, 2014

By Claud Xiao and Zhi Xu

Load more blogs