Security News

Researchers have developed a working exploit to gain remote code execution via a massive vulnerability in a security appliance from Palo Alto Networks, potentially leaving more than 70,000 vulnerable firewalls with their goods exposed to the internet. The Randori Attack Team found the zero day a year ago, developed a working exploit and used it against Randori customers over the past year.

Authentic8, provider of Silo, announced it has become a Palo Alto Networks technology partner and unveiled its integration with the Palo Alto Networks Prisma Access cloud-delivered security platform. The integration combines Silo's zero trust web browsing with the secure web gateway capabilities of Prisma Access to deliver comprehensive and seamless secure remote access to business resources, shielding users, devices and applications from malicious web content.

Deloitte has formed a strategic alliance with Palo Alto Networks to deliver integrated, end-to-end zero trust and multi-cloud cybersecurity solutions to their mutual enterprise and government customers. The alliance brings together Deloitte's award-winning cyber risk consulting services and Palo Alto Networks' platform security capabilities to deliver broad solutions designed to help customers simplify complex security infrastructure while increasing speed and agility, enabling them to protect their most important digital initiatives and realize the full value of their cybersecurity investments.

Palo Alto Networks this week announced the availability of patches for security flaws in the Prisma Cloud Compute cloud workload protection solution and Windows agent for the Cortex XDR detection and response platform. The most serious of the bugs - CVE-2021-3042 - is a local privilege escalation issue in the Palo Alto Networks Cortex XDR agent on Windows platforms.

LogPoint launched a content pack for Cortex XSOAR, a security orchestration, automation and response platform from Palo Alto Networks. The integration with Palo Alto Networks Cortex XSOAR builds on the LogPoint strategy to partner with cybersecurity platforms.

A critical security bug in Palo Alto Networks' Cortex XSOAR could allow remote attackers to run commands and automations in the Cortex XSOAR War Room and to take other actions on the platform, without having to log in. Found internally by Palo Alto, the bug is an improper-authorization vulnerability that "Enables a remote unauthenticated attacker with network access to the Cortex XSOAR server to perform unauthorized actions through the REST API," according to the security vendor's Tuesday advisory.

A security advisory published on Tuesday by Palo Alto Networks informs customers about the availability of patches for a critical vulnerability affecting the company's Cortex XSOAR product. During an internal security review, Palo Alto Networks discovered that its Cortex XSOAR security orchestration, automation and response platform is affected by an improper authorization issue.

Palo Alto Networks announced the appointment of Aparna Bawa to the company's board of directors. "Aparna is a proven leader who has helped technology companies rapidly scale, and I'm pleased to welcome her to our board," said Nikesh Arora, chairman and CEO of Palo Alto Networks.

A trio of researchers at Palo Alto Networks has detailed vulnerabilities in the JET database engine, and demonstrated how those flaws can be exploited to ultimately execute malicious code on systems running Microsoft's SQL Server and Internet Information Services web server.In a talk today at Black Hat Asia titled Give Me a SQL Injection, I Shall PWN IIS and SQL Server, the three explained they found the JET engine - for years an underlying tech for Microsoft Access and other products, and still downloadable today - has many vulnerabilities.

Palo Alto Networks announced the appointment of Dr. Helene D. Gayle to the company's board of directors and the nominating and corporate governance committee of the board. "We are fortunate to have Dr. Gayle join the Palo Alto Networks' board," said Nikesh Arora, chairman and CEO of Palo Alto Networks.