Threat Brief: Information on Critical Apache Struts Vulnerability CVE-2018-11776


Situation Overview On August 22, 2018, the Apache Foundation released a critical security update for CVE-2018-1176, a remote code execution vulnerability affecting Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16. The Apache Foundation has urged everyone to apply the security updates as soon as possible. This blog is to provide information to help organizations assess their [...]

Four Unit 42 Vulnerability Researchers Make MSRC Top 100 for 2018

Four Unit 42 Vulnerability Researchers Make MSRC Top 100 for 2018

Palo Alto Networks Unit 42 is proud to announce that four of our researchers were named to the Microsoft Security Response Center (MSRC) “Top 100 Security Researchers List” for 2018. This is the third year Unit 42 researchers have been included in this prestigious list, which is announced every year at Black Hat. This year’s [...]

In OT Environments, Security Must Not Be an Afterthought

In OT Environments, Security Must Not Be an Afterthought

The dream of a cloud-enabled operational technology, or OT, environment is becoming a reality thanks to daily innovations in technology, which have the potential of turning legacy control systems into integrated IIoT instances. These changes are happening at a fast pace, and are often extraordinary in scale. Large scale ICS SCADA systems, such as those [...]

Threat Brief: Cyber Attackers Using Your Home Router To Bring Down Websites

Threat Brief: Cyber Attackers Using Your Home Router To Bring Down Websites

In recent research, Palo Alto Networks found attackers were targeting home routers to take control and use them for attacks against other websites that can bring them down. Here we explain this type of attack and what you should do.   Why should I care, what can it do to me? These attacks could affect you [...]

Policy Q&A: The Basics of the NIS Directive

Policy Q&A: The Basics of the NIS Directive

In this Q&A, Danielle Kriz, senior director of Global Policy, and Fred Streefland, senior manager of Product Marketing for EMEA, cover the basics of the EU’s Network and Information Security Directive and what it might mean for organizations. Fred: Let’s talk about a new cybersecurity law in the European Union, the Network and Information Security (NIS) [...]