All news with #palo alto networks tag
Wed, August 27, 2025
Palo Alto Networks Named Leader in HMF Magic Quadrant
🔐 Palo Alto Networks has been named a Leader in the inaugural 2025 Gartner Magic Quadrant for Hybrid Mesh Firewall, recognized for both Completeness of Vision and Ability to Execute. The announcement highlights the Strata Network Security Platform, which unifies hardware, virtual, container, cloud-native and FWaaS deployments under a single, cloud-based management plane. Powered by Precision AI®, the platform delivers consistent policy, automation and real-time threat prevention across hybrid environments.
Wed, August 27, 2025
Countering PRC State-Sponsored Network Compromise Worldwide
🛡️ U.S. and international agencies warn that People's Republic of China (PRC) state-sponsored actors have been compromising global networks since at least 2021 to collect communications and other intelligence. Actors targeted telecommunications backbone routers, provider- and customer-edge devices, and infrastructure across government, transportation, lodging, and military sectors. They exploited known CVEs (for example CVE-2024-21887, CVE-2024-3400, Cisco CVEs), modified devices to maintain persistence using on-box PCAP/containers and tunnels, and exfiltrated data via peering and covert channels. The advisory includes IP indicators, binary hashes, YARA/Snort rules, hunting guidance, and prioritized mitigations to patch, isolate management planes, harden credentials, and detect PCAP creation.
Tue, August 26, 2025
Palo Alto Networks Named Leader in IDC IR Services
🔒 Palo Alto Networks' Unit 42 has been named a Leader in the 2025 IDC MarketScape for Worldwide Incident Response Services. Published 2025-08-26 by Sam Rubin, the announcement highlights Unit 42's threat-informed, tech-driven methodology combining telemetry from over 70,000 customers, tracking of more than 200 threat groups, and 150+ intel partnerships. Deep integration with Palo Alto Networks platforms, notably Cortex, plus AI and automation, is credited with faster detection, containment, and reduced dwell time. Unit 42 emphasizes post-incident transformation mapped to MITRE ATT&CK and NIST to help organizations not only recover but emerge more resilient.
Mon, August 25, 2025
Hybrid Mesh Firewall: Unified Security for Hybrid Networks
🔒 Today’s distributed, cloud-first enterprises face complex security gaps across on-premises, cloud and edge environments. The article introduces the Hybrid Mesh Firewall (HMF) model and positions Palo Alto Networks as delivering a complete platform that unifies hardware, virtual, container and FWaaS firewalls under Strata Cloud Manager. It emphasizes Precision AI for continuous, real-time threat prevention and cites integrated security services to simplify operations and reduce blind spots.
Wed, August 20, 2025
Frenemies in Cybersecurity: Balancing Competition & Sharing
🤝 In a Threat Vector podcast, Michael Sikorski and Michael Daniel of the Cyber Threat Alliance discuss how competing vendors must nonetheless collaborate to counter shared threats. Daniel recalls how pooled observations during the 2017 WannaCry outbreak revealed its worm-like propagation and accelerated industry response. He emphasizes that the main obstacles to sharing are human—culture, legal risk, and lack of executive prioritization—and that concrete guardrails (antitrust-compliance statements, embargo protocols, and equal treatment) build the trust needed for timely intelligence exchange. The post cautions that as adversaries adopt AI and automation, systematic collaboration is essential.
Tue, August 19, 2025
Value Exchange in Cybersecurity: Aligning Vendors & Partners
🤝 Strong vendor–partner alignment drives faster resolution, tailored deployments and sustained security outcomes for customers. Palo Alto Networks frames this mutual commitment as the value exchange and supports it with investments such as a refreshed Learning Center for Partners to build role-based expertise. When vendors and partners operate as a unified ecosystem, platformization reduces silos, lowers total cost of ownership and enables unified visibility and faster remediation. Weak collaboration, conversely, increases downtime, cost and risk.
Tue, August 19, 2025
GenAI-Enabled Phishing: Risks from AI Web Services
🚨 Unit 42 analyzes how rapid adoption of web-based generative AI is creating new phishing attack surfaces. Attackers are leveraging AI-powered website builders, writing assistants and chatbots to generate convincing phishing pages, clone brands and automate large-scale campaigns. Unit 42 observed real-world credential-stealing pages and misuse of trial accounts lacking guardrails. Customers are advised to use Advanced URL Filtering and Advanced DNS Security and report incidents to Unit 42 Incident Response.
Thu, August 14, 2025
PAN-OS 12.1 Orion: Quantum-Ready Multicloud Security
🔐 PAN-OS 12.1 Orion delivers a framework for quantum-ready and multicloud security, combining automated asset discovery, continuous risk assessment and centralized management via Strata Cloud Manager. It introduces an industry-first cipher translation to make legacy applications quantum-safe, plus quantum-optimized fifth-generation NGFW hardware for high-scale PQC inspection. The release also expands AI-driven detections and one-click deployment across AWS/Azure/GCP.
Thu, August 14, 2025
Palo Alto Networks' Quantum Security and PQC Tools
🔒 Palo Alto Networks announced a portfolio of quantum security innovations in PAN-OS 12.1 Orion and new fifth‑generation NGFWs to help organizations accelerate quantum readiness. The company introduces a Cryptographic Inventory in Strata Cloud Manager to identify and remediate weak or vulnerable cryptography. It delivers PQC support for NIST and prestandard algorithms and hybrid classical/post‑quantum options for VPNs and TLS. A new cipher translation proxy preserves legacy systems while migration proceeds, and Palo Alto Networks is advancing QRNG and QKD standards through industry initiatives.
Thu, August 14, 2025
Donut Shellcode: End-to-End Malware Analysis Tutorial
🧩 This Unit 42 tutorial walks analysts through a complete infection chain that uses Donut-generated shellcode, showing how a small position-independent routine computes its own base address via a call/pop/sub pattern and how that base drives payload offsets. The authors use step-by-step static and dynamic analysis with IDA Pro, x64dbg, dnSpy, and ProcessHacker to validate findings. Readers are shown common techniques such as dynamic API resolution, process injection, and AMSI bypass through memory patching, and are directed to a full PDF on the authors' GitHub for the complete walkthrough.
Tue, August 12, 2025
Palo Alto Networks Opens Local Cloud Region in South Africa
🌍 Palo Alto Networks has launched a new cloud location in South Africa to bring its AI-powered security platforms closer to local organizations. The region will host core services including Cortex XSIAM, Prisma SASE, Advanced WildFire, Advanced DNS Security, Strata Cloud Manager and Strata Logging Service. Local hosting is designed to reduce latency, meet data residency and sovereignty requirements, and deliver real-time detection, automated response and centralized logging. The investment aims to support South Africa’s digital transformation while addressing rising ransomware and phishing threats across the region.
Tue, August 23, 2022
CISA Alerts: Palo Alto PAN-OS Vulnerability Under Attack
🔔 CISA has warned that firewalls running Palo Alto Networks PAN-OS are under active attack and require immediate patching. The issue, tracked as CVE-2022-0028, can be abused without authentication to perform reflected and amplified TCP denial-of-service attacks using PA-Series, VM-Series and CN-Series devices. Palo Alto has released patches for multiple PAN-OS branches and CISA added the flaw to its Known Exploited Vulnerabilities Catalog, urging federal agencies to remediate by September 9. Administrators should review URL filtering profiles with blocked categories on externally facing interfaces and apply vendor fixes promptly.