Community Blog

The APT-group DarkHydrus has been busy with a new variant of the RogueRobin Trojan. See what it's about and how to stay protected!

Designed with a fresh new look and user-friendly navigation, visitors now have easy access to the latest research, reports, adversary playbooks, and podcasts from Unit 42.

Palo Alto Networks releases new App-IDs every third Tuesday of the month. Take a look and decide if you need to update your security policies. 

The Palo Alto Networks threat intelligence team, Unit 42, continues with their podcasts! This specific episode covers measuring risk in cybersecurity.

The latest Magnifier maintenance release came out with some interesting new features, including an enhanced search function, User-Id association, UI time display, and more. Read all about it here.

Phishing cyberattacks are on the rise. How are you protected on a phishing expedition?

Unit 42 wrote an extensive blog on Sofacy Group, a well-known APT. Check out this blog to find out what they're all about and how Palo Alto Networks customers are protected from their attacks!

Use Magnifier to find and stop the stealthiest network threats. Block attacks before the damage is done. Analyze rich network, endpoint and cloud data with machine learning. Identify targeted attacks, malicious insiders and malware. Compare Magnifier with AutoFocus.

Customer Advisory: Urgent action recommended regarding recent security advisory PAN-SA-2017-0027. Click the link to read more on this special advisory recommendation.

A new variant of the initial RAT code, called UBoatRAT, targets East Asia. Although still unclear what the exact targets are, Unit 42 believes that the targets are related to the Korean gaming industry.

With the sheer amount of malware in the wild, it is hard to know what is real malware and what is not. 

Read about Coinhive.com and see why it may -- or may not -- be considered malware.

Ransomware is showing up more frequently. Something we never want to have to deal with. If you want to make sure you are protected when using Palo Alto Network devices, then click to steer clear of the Bad Rabbit.

The popularity of CryptoCurrency is on the rise. Mining is more difficult, requiring data centers of dedicated servers to turn a profit. A new mining technique uses the combined computing power of thousands of endpoints that mine through a script run in the browser -- definite potential for abuse.

Attackers have traditionally profited by stealing identities or credit card numbers, then selling them on underground markets. Now cyber attackers are on the hunt for new ways to make a profit. Don't let them profit at your expense.

Traps 4.1. continues to develop our innovative, multi-method prevention approach to endpoint security with a specific focus on preventing ransomware.

To further strengthen your security posture, Aperture will support multi-factor authentication (MFA) for all administrator log-ins starting Thursday, August 24, 2017 at 11:00 p.m. Pacific Time. You will then be able to add an additional layer of security by enabling MFA for all administrators.

Petrwrap/Petya ransomware. A major ransomware attack brings business to a close throughout Europe, in an
infection reminiscent of the WannaCry attack.

Want to know more about the latest WanaCrypt0r ransomware and ways that Palo Alto Networks can help you defend your network from these attacks? Please click to read more.

Unit 42 identifies a variant of the IoT/Linux botnet "Tsunami". Read about how the "Amnesia" malware is delivered and distributed within the targeted network.

This could be you

DDoS illustrated with fish :)

Are you searching for specific threat information, but cannot find it?  Confused if Palo Alto Networks has coverage for a certain threat? Read more about Palo Alto Networks and our unique and thorough approach to the threat landscape.

We are proud to announce a new version of Palo Alto Networks Threat Vault. The Threat Vault has been overhauled to include more features and to make it more functionable.

Hi everyone, check out this Cyber Kill Chain article to learn more about the 7 steps of the kill chain. The article explains how Palo Alto Networks can prevent attacks at the different stages of the kill chain with the threat intelligence cloud, the endpoint, and the next-gen firewall.

I had the opportunity to attend Ignite 2015 a couple of weeks ago, it was awesome to see 3,000 security professionals gather together to learn more about Palo Alto Networks, answering questions and learning to be more secure in day to day operations.There were so many great breakout sessions that happened...

Yesterday at RSA I learned a lot about how Palo Alto Networks can prevent cyber attacks.It was great to see what customers, partners, and other vendors were interested in learning. We had many presentations and demos in the booth yesterday that covered Malware, Mobile Workforce Security, Datacenter ...

Today I will be introducing a new Community Feature:Vulnerability FocusInside of the Vulnerability Focus, we will be talking about recent Threats or Vulnerabilities that have been discovered. Information that every Security Professional can use to help protect their networks.This week I will be covering...

Every IT professional has to deal with Malware attacks on a day to day basis. They are very disruptive, a nuisance, and can cause damage as well as loss of data.So, when there is something new that is introduced to help IT Professionals do their job, and to be able to stop Malware threats, we tend to...

Happy Friday, everyone!I wanted to take a minute and talk about AutoFocus.As you may have heard a new product called AutoFocus was announced at Ignite 2015 last week, but not a lot of information has been released about it yet.AutoFocus is a brand new threat intelligence platform only from Palo Alto...

This is article was originally posted by Unit 42 author, Josh Grunzweig.Unit 42 has discovered a new Point of Sale (POS) malware family, which includes multiple variants created as early as November 2014. Over the past few weeks we have been analyzing this malware family, which we have dubbed ‘FindPOS...

Posted by Ryan Olson on March 10, 2015Palo Alto Networks researcher Bo Qu discovered a new critical Internet Explorer (IE) vulnerability affecting IE versions 8, 9, 10 and 11. This is included in Microsoft’s March 2015 Security Bulletin MS15-018 and MS15-019, and documented in Microsoft Security Bulletin...