Researchers Decrypt and Exploit Encrypted Palo Alto Cortex XDR BIOC Rules

cybersecuritynews.com

Researchers Decrypt and Exploit Encrypted Palo Alto Cortex XDR BIOC Rules

cybersecuritynews.com

Resident PulserB to

Pulse of TruthEnglish · 5 hours ago

Researchers found a flaw in Palo Alto Cortex XDR attackers bypass behavioral detections by decrypting and analyzing predefined BIOC rules.

Cybersecurity researchers have uncovered a critical evasion flaw in Palo Alto Networks’ Cortex XDR agent that allowed attackers to bypass behavioral detections completely. By reverse-engineering these encrypted rules, the InfoGuard Labs team discovered hardcoded global whitelists that enabled threat actors to execute malicious actions without triggering security alerts. Decrypting the Detection Engine Palo Alto Cortex […] The post Researchers Decrypt and Exploit Encrypted Palo Alto Cortex XDR BIOC Rules appeared first on Cyber Security News.

You must log in or # to comment.

Chat

Pulse of Truth

pulse_of_truth

Create a post

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !pulse_of_truth@infosec.pub

Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

125 users / day
405 users / week
1.1K users / month
2.93K users / 6 months
192 local subscribers
2.34K subscribers
5.01K Posts
3.56K Comments
Modlog

mods:
krogoth