Security News

Palo Alto Networks held its annual Code to Cloud Cybersecurity Summit Thursday, focusing on cloud, DevOps and security. Recently, Palo Alto Networks' Unit 42 issued a cloud threat report finding that the average security team takes six days to resolve a security alert.

TechRepublic spoke with Ankur Shah, SVP and general manager of Prisma Cloud, about what cloud security means and how IT pros and decision makers should think beyond the traditional cybersecurity playbook when it comes to cloud security. Ankur Shah: Before the cloud, security was like a house with one front door, a camera and a security guard: one level of security and you're good to go.

Learn Palo Alto Networks cybersecurity with this $20 training We may be compensated by vendors who appear on this page through methods such as affiliate links or sponsored partnerships. For a limited time, the Palo Alto Networks Cybersecurity Fundamentals course is on sale for just $19.99.

The U.S. Cybersecurity and Infrastructure Security Agency on Monday added a security flaw impacting Palo Alto Networks PAN-OS to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.The high-severity vulnerability, tracked as CVE-2022-0028, is a URL filtering policy misconfiguration that could allow an unauthenticated, remote attacker to carry out reflected and amplified TCP denial-of-service attacks.

A high-severity Palo Alto Networks denial-of-service vulnerability has been exploited by miscreants looking to launch DDoS attacks, and several of the affected products won't have a patch until next week.The vulnerability, tracked as CVE-2022-0028, received an 8.6 out of 10 CVSS score, and it affects PAN OS, the operating system in Palo Alto Networks' network security products.

Palo Alto Networks has issued a security advisory warning of an actively exploited high-severity vulnerability impacting PAN-OS, the operating system used by the company's networking hardware products. The issue, tracked as CVE-2022-0028, is an URL filtering policy misconfiguration that could allow an unauthenticated, remote attacker to carry out amplified TCP denial-of-service attacks.

Founded back in 2005, Palo Alto Networks is a cybersecurity giant that has earned the trust of the business community thanks to its impressive track record. The Palo Alto Networks Cybersecurity Fundamentals course helps you gain that same level of credibility, with 27 tutorials working towards official certification.

American cybersecurity company Palo Alto Networks warned customers on Wednesday that some of its firewall, VPN, and XDR products are vulnerable to a high severity OpenSSL infinite loop bug disclosed three weeks ago.Even though the OpenSSL team released a patch two weeks ago when it publicly disclosed the bug, customers will have to wait until later this month when Palo Alto Networks plans to release security updates.

EXCLUSIVE: A bug in the support dashboard of Palo Alto Networks exposed thousands of customer support tickets to an unauthorized individual, BleepingComputer has learned. The exposed information included, names and contact information of the person creating support tickets, conversations between Palo Alto Networks staff members and the customer.

A new zero-day vulnerability has been disclosed in Palo Alto Networks GlobalProtect VPN that could be abused by an unauthenticated network-based attacker to execute arbitrary code on affected devices with root user privileges. Successful exploitation of the flaw necessitates that the attacker strings it with a technique known as HTTP smuggling to achieve remote code execution on the VPN installations, not to mention have network access to the device on the GlobalProtect service default port 443.