Palo Alto Networks Archives

Mass attack spree hits Microsoft SharePoint zero-day defect

Attackers have already used the exploit dubbed “ToolShell” to intrude hundreds of organizations globally, including private companies and government agencies.

6 days ago By Matt Kapko

CrowdStrike, Microsoft aim to eliminate confusion in threat group attribution

Wild variances in naming taxonomies aren’t going away, but a new initiative from the security vendors aims to more publicly address obvious overlap in threat group attribution.

Jun 3, 2025 By Matt Kapko

Then-Millenium challenge corporation CEO Sean Cairncross speaks during a ceremony on Aug. 5, 2019 at the presidential palace in Abidjan. (Photo by ISSOUF SANOGO / AFP) (Photo credit should read ISSOUF SANOGO/AFP via Getty Images)

Experts endorse Sean Cairncross for national cyber director ahead of Senate hearing

The letter to Senate Homeland Security and Governmental Affairs Committee leaders comes shortly before they consider his nomination.

Jun 3, 2025 By Tim Starks

SonicWall headquarters — SonicWall’s headquarters in Milpitas, California. (Getty Images)

SonicWall customers confront resurgence of actively exploited vulnerabilities

The network security device vendor is making a regular appearance on CISA’s known exploited vulnerabilities catalog. Unlike its competitors, SonicWall hasn’t signed the secure-by-design pledge.

May 9, 2025 By Matt Kapko

Amazon, CrowdStrike, Google and Palo Alto Networks claim no change to threat intel sharing under Trump

Top security leaders at some of the largest tech and cybersecurity vendors said public-private collaborative work continues, despite budget cuts and personnel changes.

May 2, 2025 By Matt Kapko

The four most frequently exploited vulnerabilities were all contained in edge devices, such as VPNs, firewalls and routers. (Getty Images)

Attackers hit security device defects hard in 2024

Mandiant said exploits were the most common initial access vector last year, linking software defects to 1 in 3 attacks. The most commonly exploited vulnerabilities affected network…

Apr 23, 2025 By Matt Kapko

A logo sign outside of the headquarters of Ivanti in South Jordan, Utah. (Kristoffer Tripplaar / Alamy Stock Photo)

Is Ivanti the problem or a symptom of a systemic issue with network devices?

Exploited vulnerabilities have turned up in Ivanti products 16 times since 2024. That’s more than any other vendor in the network edge device space.

Apr 14, 2025 By Matt Kapko

Independent tests show why orgs should use third-party cloud security services

AWS, Microsoft Azure and Google Cloud Platform each scored 0% security effectiveness in CyberRatings.org’s evaluation of cloud network firewall vendors’ ability to prevent exploits and evasions.

Apr 2, 2025 By Matt Kapko

The money earned by remote North Korean IT workers is funding the North Korean weapons programs. (Getty Images)

The North Korea worker problem is bigger than you think

The yearslong scheme goes much deeper than contract work, extending to roles beyond traditional IT and sometimes granting the insider threat “keys to the kingdom,” DTEX President…

Mar 31, 2025 By Matt Kapko

A picture of a toll booth in New Jersey. Scammers have been sending text messages about unpaid toll violations. (Getty Images)

Who is sending those scammy text messages about unpaid tolls?

The latest smishing scam follows a familiar process as ones the industry has seen over the past decade.

Mar 17, 2025 By Matt Kapko