SecOps Insider - October
Cortex by Palo Alto Networks
The industry’s most comprehensive product suite for security operations.
Unit 42 Threat Frontier Report
GenAI is reshaping both attacks and defenses. Arm your organization with expert strategies to stay one step ahead in the rapidly evolving security landscape – read the Unit 42 Threat Frontier: Prepare for Emerging AI Risks now.
Unlock Customized Recommendations For Transforming Your SecOps
There’s always room for strengthening security posture, especially with threats constantly evolving. Of course, this can mean very different things for different organizations.?
That’s why we’ve developed an interactive tool that creates tailored SecOps Readiness Reports. It assesses the current state of your security operations and identifies areas for strategic improvement. Just answer a series of questions to unlock personalized recommendations.
Your personal SecOps transformation journey starts now.
What's Next in Cortex: New Innovations for Security Operations
Cortex introduces new enhancements and features across the entire portfolio including a powerful new AI-powered protection against PowerShell attacks, expanded support across Windows and Linux, and overall enhanced data access control.?
Bye Whack-a-Mole: The New Cortex Generic Persistence Analytics Module
Discover Palo Alto Networks' new Generic Persistence Analytics module, detecting malware persistence across techniques for enhanced cybersecurity.?
Threat Assessment: North Korean Threat Groups
Our newly released threat report covering North Korean APT groups and their malware arsenal details the various groups and sub-groups operating in the North Korean military intelligence Nexus. The report examines DPRK hacking tools across multiple OS platforms (MacOs, Linux, Windows), which are all detected and prevented by Cortex XDR!?
Gleaming Pisces Poisoned Python Packages Campaign Delivers PondRAT Linux and MacOS Backdoors
The Cortex Research team just released a new analysis of an elaborate North Korean APT cyber operation, delivering a Linux and macOS backdoor dubbed “PondRAT”via poisoned Python packages, uploaded to the popular open-source PyPI project. To learn more about the attack and how Cortex XDR can detect and prevent this threat, read more here.
Unraveling Sparkling Pisces’s Tool Set: KLogEXE and FPSpy
A new report was released about two newly discovered espionage tools in the arsenal of the North Korean Sparkling Pisces (aka Kimsuky) APT group. In this report, Cortex researchers analyzed the previously undocumented KLogEXE keylogger and a new variant of the FPSpy backdoor, used in espionage campaigns targeting South Korea.
To learn more about the new malware and TTPs, and how Cortex XDR can detect and prevent such threats, read more here.
Contagious Interview: DPRK Threat Actors Lure Tech Industry Job Seekers to Install New Variants of BeaverTail and InvisibleFerret Malware
Our latest research details how a North Korean DPRK APT group targeted tech job seekers by creating fake avatars of job recruiters on LinkedIn and lured victims to install trojanized applications, which ultimately delivered new variants of BeaverTail and InvisibleFerret malware.?
Learn more about how Cortex XDR can detect and prevent these threats and the risks it poses to global tech companies and individuals.
Every Second Matters: Executive Insights from the Unit 42 IR Report
“Every Second Matters: Executive Insights from the Unit 42 Incident Response Report” offers crucial guidance to transform your cybersecurity posture in this new era of rapid-fire threats. Discover how automation and AI-enabled tools can accelerate your threat detection and response times.
Forrester names Palo Alto Networks a Leader in Attack Surface Management
The ever-changing attack surface demands ongoing innovation to discover, prioritize and respond to threats almost instantly. With Cortex Xpanse, your SecOps team can proactively find and fix exposures on your internet-connected assets before attackers can exploit them. Forrester Research ranks Palo Alto Networks as a Leader in its inaugural report, “The Forrester Wave?: Attack Surface Management Solutions, Q3 2024.”?
Cortex Xpanse was recognized with the top vendor score in the Strategy category, receiving the highest possible scores for Vision, Innovation and Roadmap criteria. Get Forrester’s complete analysis and see the results for yourself.
Cortex XSOAR Ranked #1 for SOC Automation
Palo Alto Networks' Cortex XSOAR has been ranked as the Overall Leader in KuppingerCole's 2024 SOAR Leadership Compass report, underscoring the critical role of automation in modern security operations. The announcement highlights key findings from the report, including market growth predictions and emerging trends in the SOAR industry, while showcasing Cortex XSOAR's strong performance across various evaluation criteria.?
Leading the way in AI-driven endpoint protection
We’re proud to announce that Palo Alto Networks has been recognized as a Leader in the 2024 Gartner? Magic Quadrant? for EPP.? With Cortex XDR? at the forefront, we deliver unparalleled AI-powered prevention and pioneering threat detection across all data sources, ensuring your organization stays ahead of evolving threats. Trust a Leader in EPP to safeguard your organization’s future.?
Webinar! Boost Your Security with Strategic Insights
Join us for an exclusive webinar where you'll gain insights into cutting-edge strategies for staying ahead of cyberthreats with Cortex XDR?. Our Cortex security research team will provide expert insights on attack tactics, showcase how Cortex XDR leverages machine learning for threat prevention and demonstrate its effectiveness in rigorous third-party testing. Don't miss out on this opportunity to enhance your cybersecurity strategy and protect your organization.?
Subscribe to our SecOps Blog
Don’t forget to subscribe to the Cortex SecOps blogs, delivered fresh to your inbox every Friday for a weekly recap.
Customer Stories
Infrastructure Manufacturer Reclaims Control After Dual Ransomware Attacks
Facing ransomware attacks by Black Basta and LockBit, an infrastructure manufacturer turned to Unit 42 for swift action. See how the incident response team reduced the ransom payment by 73% and protected 2.5+ million files.
More Information
?2024 Palo Alto Networks. All the company names and/or brand names, and/or product names, and/or logos referred to in this document are either registered trademarks or trademarks pending registration in accordance with relevant national laws.