Security News

Palo Alto Networks announced that it has entered into a definitive agreement to acquire The Crypsis Group, a leading incident response, risk management and digital forensics consulting firm. Under the terms of the agreement, Palo Alto Networks will acquire The Crypsis Group for a total purchase price of $265 million, subject to adjustment, to be paid in cash.

Palo Alto Networks announced on Monday that it has agreed to acquire incident response and digital forensics consulting firm The Crypsis Group. Under the terms of the agreement, Palo Alto Networks will pay $265 million in cash, subject to adjustment, to acquire Crypsis.

Palo Alto Networks informed customers on Wednesday that it has patched two high-severity vulnerabilities in PAN-OS, the software running on the company's firewalls. "An attacker would require some level of specific information about the configuration of an impacted firewall or perform brute-force attacks to exploit this issue," the vendor said in its advisory.

Palo Alto Networks has emitted its second software update in as many weeks to address a potentially serious security vulnerability in its products. This latest Palo Alto advisory comes just ten days after the IT supplier sounded the alarm for another remote code execution flaw in its PAN-OS. That vulnerability, CVE-2020-2021, was serious enough to warrant an alert from Uncle Sam's CyberCom, which feared that in-the-wild exploitation attempts were likely.

The U.S. Cybersecurity and Infrastructure Security Agency is warning that foreign hackers are likely to exploit a newly disclosed, critical vulnerability in a raft of Palo Alto Networks firewalls and enterprise VPN appliances, which allows for device takeover without authentication. Palo Alto Networks on Monday posted an advisory on the vulnerability, which affects the devices' operating systems.

Palo Alto Networks revealed on Monday that it has patched a critical authentication bypass vulnerability in its PAN-OS firewall operating system, and U.S. Cyber Command believes foreign APTs will likely attempt to exploit it soon. "When Security Assertion Markup Language authentication is enabled and the 'Validate Identity Provider Certificate' option is disabled, improper verification of signatures in PAN-OS SAML authentication enables an unauthenticated network-based attacker to access protected resources. The attacker must have network access to the vulnerable server to exploit this vulnerability," Palo Alto Networks explained in an advisory.

Palo Alto Networks has patched a critical and easily exploitable vulnerability affecting PAN-OS, the custom operating system running on its next generation firewalls and enterprise VPN appliances, and is urging users to update to a fixed version as soon as possible. Affected PAN-OS versions include versions earlier than PAN-OS 9.1.3; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9; PAN-OS 8.1 versions earlier than PAN-OS 8.1.15, and all versions of PAN-OS 8.0.

Palo Alto Networks announced the appointment of Luis Felipe Visoso to the position of chief financial officer. A veteran finance officer, Visoso most recently served as CFO for Amazon Web Services, and previously as CFO for Amazon's Worldwide Consumer division.

Palo Alto Networks on Wednesday unveiled a new firewall powered by machine learning, a firewall for Kubernetes, and an IoT security solution. Palo Alto Networks has announced a new next-generation firewall that uses machine learning to help organizations detect and block threats.

Endace announced that the EndaceProbe Analytics Platform is now integrated with Palo Alto Networks Cortex XSOAR, the industry's first extended security, orchestration, automation and response platform with native threat intel management that empowers security leaders with instant capabilities against threats across their entire enterprise. Through this integration, Endace and Cortex XSOAR provide customers with network packet capture from within Cortex XSOAR playbooks to enable accelerated, evidence-led, forensic investigation of cyberthreats.