Palo Alto Networks

Vulnerability

Prisma Cloud Mitigations for SpringShell and Recent Spring Vulnerabilities: CVE-2022-22963, CVE-2022-22965

CVE-2022-22965 (SpringShell), a Remote Code Execution (RCE) affecting the Spring Framework was published on March 31, 2022. This blog details Prisma Cloud’s mitigations capabilities for SpringShell

Announcement

Cloud Security Posture Management

Cloud Workload Protection Platform

Web Application & API Security

Mar 31, 2022

By Nathaniel Quist, Ariel Zelivansky, Aviv Sasson, Alok Tongaonkar and Artur Avetisyan

Palo Alto Networks

Products and Services

Partners

Must-Read Articles, Uncategorized

Detecting the Kerberos noPac Vulnerabilities with Cortex XDR™

Cortex XDR detects the Kerberos noPac vulnerabilities (CVE-2021-42278 and CVE-2021-42287) leveraging behavioral analytics.

Jan 10, 2022

By Stav Setty and Aviad Meyer

Must-Read Articles, News and Events

Remediating PrintNightmare (CVE-2021-1675) Using Cortex XSOAR

Leverage the Cortex XSOAR’s CVE-2021-1675 - PrintNightmare Playbook to Remediate quickly

Jul 02, 2021

By Pramukh Ganeshamurthy

Must-Read Articles, Product Features

Protecting Against the Bronze Bit Vulnerability with Cortex XDR

A recent vulnerability, CVE-2020-17049 (dubbed Bronze Bit), has been disclosed by Microsoft. This vulnerability occurs in the way the Key Distribution...

Mar 02, 2021

By Aviad Meyer and Liav Zigelbaum

Use-Cases

Security Orchestration Use Case: Automating Vulnerability Management

Vulnerability management is a strategically important process that covers both proactive and reactive aspects of security operations. Since vulnerability management encompasses all...

Sep 27, 2018

By Jane Goh

Unit 42

Xbash Combines Botnet, Ransomware, Coinmining in Worm that Targets Linux an...

Unit 42 researchers discover Xbash, a new malware family tied to the Iron Group targeting Linux and Microsoft Servers

Sep 17, 2018

By Claud Xiao, Cong Zheng and Xingyu Jin

Threat Brief, Unit 42

Threat Brief: Information on Critical Apache Struts Vulnerability CVE-2018-...

Unit 42 Threat Brief with info & protections on Critical Apache Struts Vulnerability CVE-2018-11776.

Aug 24, 2018

By Christopher Budd

Unit 42

Analysis of the DHCP Client Script Code Execution Vulnerability (CVE-2018-1...

Unit 42 shares their analysis of the DHCP Client Script Code Execution Vulnerability (CVE-2018-1111)

Jul 16, 2018

By Jin Chen

Endpoint, Threat Prevention

Traps Spies FINSPY With Its Eye … and Prevents It

Traps spies FINSPY with its eye … and prevents It.

Sep 27, 2017

By Eila Shargh

Unit 42

Palo Alto Networks Unit 42 Vulnerability Research February 2017 Disclosures

Palo Alto Networks researcher Tao Yan discovers two new Adobe Flash Vulnerabilities.

Mar 03, 2017

By Christopher Budd

Threat Prevention, Unit 42

Palo Alto Networks Discovers Two Adobe Reader Privileged JavaScript Zero-Da...

We recently discovered two zero-day vulnerabilities in Adobe Reader. Adobe has since released a patch (on October 6, 2016) to fix these vulnerabilities, which are named CVE-2016-69...

Oct 17, 2016

By Gal De Leon

Threat Prevention, Unit 42

Palo Alto Networks Researchers Discover Two Critical Internet Explorer Vuln...

Palo Alto Networks researchers discovered two new critical Internet Explorer (IE) vulnerabilities affecting IE versions 9, 10, and 11. Both are included in Microsoft’s July 2016 Se...

Jul 13, 2016

By Ryan Olson

Threat Prevention, Unit 42

Palo Alto Networks Researchers Discover Critical IE Vulnerabilities

Palo Alto Networks researchers Tongbo Luo and Hui Gao were credited with the discoveries of new critical Microsoft vulnerabilities affecting Internet Explorer (IE) versions 7, 8, 9...

Mar 25, 2016

By Ryan Olson

Threat Prevention, Unit 42

Palo Alto Networks Researcher Discovers Critical IE Vulnerability

Palo Alto Networks researcher Hui Gao was credited with the discovery of a new critical Microsoft vulnerability affecting Internet Explorer (IE) versions 9, 10 and 11. This vulnera...

Mar 09, 2016

By Ryan Olson

Endpoint

Use Traps to Protect Against BadWinmail, CVE-2015-6172

“The Dark Arts,” said Snape, “are many, varied, ever-changing, and eternal. Fighting them is like fighting a many-headed monster, which, each time a neck is severed, sprouts a head even fiercer and cleverer tha...

Jan 27, 2016

By Palo Alto Networks

Threat Prevention, Unit 42

Palo Alto Networks Researchers Discover Critical Vulnerabilities in Interne...

Palo Alto Networks researchers Bo Qu and Hui Gao were credited with the discovery of three new critical Microsoft vulnerabilities affecting Internet Explorer (IE) versions 7, 8, 9,...

Dec 10, 2015

By Ryan Olson

Threat Prevention, Unit 42

Palo Alto Networks Researchers Discover High Severity Vulnerability Impacti...

Palo Alto Networks researchers Tongbo Luo and Bo Qu are credited with discovering a new vulnerability (CVE-2015-7066) in OpenGL and Webkit that impacts all of Apple’s major product...

Dec 09, 2015

By Ryan Olson

Threat Prevention, Unit 42

Palo Alto Networks Researcher Discovers Critical Vulnerabilities in Interne...

Palo Alto Networks researcher Bo Qu was credited with discovery of six new critical Microsoft vulnerabilities affecting Internet Explorer (IE) versions 7, 8, 9, 10 and 11 and Micro...

Nov 11, 2015

By Ryan Olson

Threat Prevention, Unit 42

Palo Alto Networks Researcher Discovers Critical IE Vulnerability

Palo Alto Networks researcher Hui Gao was credited with discovery of a new critical Internet Explorer (IE) vulnerability affecting IE versions 6, 7, 8, 9, 10 and 11. CVE-2015-2548...

Oct 27, 2015

By Ryan Olson

Threat Prevention, Unit 42

Palo Alto Networks Researchers Discover Critical Vulnerabilities in Interne...

Palo Alto Networks researchers have been credited with discovery of new vulnerabilities affecting Adobe Shockwave Player and Microsoft Internet Explorer.

Sep 09, 2015

By Ryan Olson

Cybersecurity, Healthcare, SCADA & ICS

Tip of the Iceberg: FDA’s Alert to Unplug Hospira’s Drug Infusion Pumps fro...

On July 31, the FDA issued an alert advising healthcare facilities to stop using Hospira's Symbiq drug infusion pump due to a security vulnerability. ...

Aug 04, 2015

By Matt Mellen

Load more blogs

Palo Alto Networks

Vulnerability

Prisma Cloud Mitigations for SpringShell and Recent Spring Vulnerabilities: CVE-2022-22963, CVE-2022-22965

Palo Alto Networks

Detecting the Kerberos noPac Vulnerabilities with Cortex XDR™

Remediating PrintNightmare (CVE-2021-1675) Using Cortex XSOAR

Protecting Against the Bronze Bit Vulnerability with Cortex XDR

Security Orchestration Use Case: Automating Vulnerability Management

Xbash Combines Botnet, Ransomware, Coinmining in Worm that Targets Linux an...

Threat Brief: Information on Critical Apache Struts Vulnerability CVE-2018-...

Analysis of the DHCP Client Script Code Execution Vulnerability (CVE-2018-1...

Traps Spies FINSPY With Its Eye … and Prevents It

Palo Alto Networks Unit 42 Vulnerability Research February 2017 Disclosures

Palo Alto Networks Discovers Two Adobe Reader Privileged JavaScript Zero-Da...

Palo Alto Networks Researchers Discover Two Critical Internet Explorer Vuln...

Palo Alto Networks Researchers Discover Critical IE Vulnerabilities

Palo Alto Networks Researcher Discovers Critical IE Vulnerability

Use Traps to Protect Against BadWinmail, CVE-2015-6172

Palo Alto Networks Researchers Discover Critical Vulnerabilities in Interne...

Palo Alto Networks Researchers Discover High Severity Vulnerability Impacti...

Palo Alto Networks Researcher Discovers Critical Vulnerabilities in Interne...

Palo Alto Networks Researcher Discovers Critical IE Vulnerability

Palo Alto Networks Researchers Discover Critical Vulnerabilities in Interne...

Tip of the Iceberg: FDA’s Alert to Unplug Hospira’s Drug Infusion Pumps fro...

Get the latest news, invites to events, and threat alerts

Products and Services

Company

Popular Links

Palo Alto Networks

Vulnerability

Prisma Cloud Mitigations for SpringShell and Recent Spring Vulnerabilities: CVE-2022-22963, CVE-2022-22965

Palo Alto Networks

Subscribe to the Blog!

Get the latest news, invites to events, and threat alerts

Products and Services

Company

Popular Links