In this episode of Threat Vector, host David Moulton and Andy Piazza, Sr. Director of Threat Intelligence at Unit 42, dive into the critical vulnerability CVE-2024-3400 found in PAN-OS software of Palo Alto Networks, emphasizing the importance of immediate patching and mitigation strategies for such vulnerabilities, especially when they affect edge devices like firewalls or VPNs. The discussion covers the discovery, technical details, and exploitation of the vulnerability, highlighting its potential for unauthenticated attackers to execute arbitrary code with root privileges. They discuss the Midnight Eclipse activity related to pre-disclosure exploitation of the vulnerability, the collaborative response with cybersecurity firm Volexity, and the living off the land techniques employed by threat actors. The episode underlines the critical nature of patching vulnerabilities promptly, monitoring network traffic for suspicious activity, and ensuring that mitigation strategies are in place to protect against such threats.Visit the Unit 42 Threat Research Center for the latest on Midnight Eclipse. https://unit42.paloaltonetworks.com/cve-2024-3400/Join the conversation on our social media channels: Website: ⁠⁠⁠⁠https://www.paloaltonetworks.com/unit42⁠⁠⁠⁠ Threat Research: ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠ Facebook: ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠ LinkedIn: ⁠⁠⁠⁠https://www.linkedin.com/company/unit42/⁠⁠⁠⁠ YouTube: ⁠⁠⁠⁠@PaloAltoNetworksUnit42⁠⁠⁠⁠ Twitter: ⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠ About Threat VectorUnit 42 Threat Vector is the compass in the world of cyberthreats. Hear about Unit 42’s unique threat intelligence insights, new threat actor TTPs, real-world case studies, and learn how the team works together to discover these threats. Unit 42 will equip listeners with the knowledge and insight to proactively prepare and stay ahead in the ever-evolving threat landscape.Palo Alto NetworksPalo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile. ⁠http://paloaltonetworks.com⁠

In this episode of Threat Vector, David Moulton, Director of Thought Leadership at Unit 42, explores Adversarial AI and Deepfakes as part of the ongoing series “AI’s Impact in Cybersecurity” with two expert guests, Billy Hewlett, Senior Director of AI Research at Palo Alto Networks, and Tony Huynh, a Security Engineer specializing in AI and deepfakes. They unpack the escalating risks posed by adversarial AI in cybersecurity. You’ll learn how organizations can fortify their defenses against AI-driven attacks and the critical role of human vigilance in safeguarding against sophisticated cyber threats. Join the conversation on our social media channels: Website: ⁠⁠⁠⁠https://www.paloaltonetworks.com/unit42⁠⁠⁠⁠ Threat Research: ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠ Facebook: ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠ LinkedIn: ⁠⁠⁠⁠https://www.linkedin.com/company/unit42/⁠⁠⁠⁠ YouTube: ⁠⁠⁠⁠@PaloAltoNetworksUnit42⁠⁠⁠⁠ Twitter: ⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠ About Threat VectorUnit 42 Threat Vector is the compass in the world of cyberthreats. Hear about Unit 42’s unique threat intelligence insights, new threat actor TTPs, real-world case studies, and learn how the team works together to discover these threats. Unit 42 will equip listeners with the knowledge and insight to proactively prepare and stay ahead in the ever-evolving threat landscape.Palo Alto NetworksPalo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile. ⁠http://paloaltonetworks.com⁠

Former Recon Marine and VP of Security, Donnie Hasseltine, discusses leveraging military mindset in cybersecurity, challenges in startup ecosystem, foundational security practices, and importance of security-first approach. The conversation explores military experience in cybersecurity, problem-solving, leadership, and mitigating cyber risks effectively.

Join Sam Rubin, VP at Unit 42, as he discusses the evolving ransomware threat landscape, targeting vulnerable sectors like healthcare and education. They explore the role of AI in cybersecurity defense and stress the importance of public-private partnerships to combat sophisticated cyber threats.

In this episode of Threat Vector, we dive deep into the new SEC cybersecurity regulations that reshape how public companies handle cyber risks. Legal expert and Unit 42 Consultant Jacqueline Wudyka brings a unique perspective on the challenges of defining 'materiality,' the enforcement hurdles, and the impact on the cybersecurity landscape. Whether you're a cybersecurity professional, legal expert, or just keen on understanding the latest in cyber law, this episode is packed with insights and strategies for navigating this new terrain. Tune in to stay ahead in the world of cybersecurity compliance!If you're interested to learn more about Unit 42's world-class, visit https://www.paloaltonetworks.com/unit42.Special Webinar EventThe Ransomware Landscape: Threats Driving the SEC Rule and Other RegulationsAs the cybersecurity landscape continues to evolve, so do regulations governing how to protect your organization and how to report cybersecurity incidents. The latest example comes from the U.S. Securities and Exchange Commission (SEC), which recently finalized rules for publicly traded companies on cyber incident disclosure and cyber risk management plans. The SEC Rules are just the latest of several regulatory efforts that address escalating cyber threats that CISO’s and their organizations face due to criminals’ ability to monetize on cybersecurity incidents like ransomware techniques.Hear from Unit 42 Experts: Steve Dyson, Principal Consultant Palo Alto Networks Sam Kaplan, Assistant General Counsel, Public Policy & Government Affairs Palo Alto Networks Unit 42 David Faraone, Senior Consulting Director Palo Alto Networks Unit 42 Jacqueline Wudyka, Associate Consultant Palo Alto Networks Unit 42 Don’t miss out on the SecOps event of the year — Symphony 2024 on April 17-18. Join industry leaders, tech visionaries, and cybersecurity professionals. See firsthand how AI, automation, and machine learning can empower your team to predict, detect, and respond to threats faster than ever.Join the conversation on our social media channels: Website: ⁠⁠⁠⁠https://www.paloaltonetworks.com/unit42⁠⁠⁠⁠ Threat Research: ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠ Facebook: ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠ LinkedIn: ⁠⁠⁠⁠https://www.linkedin.com/company/unit42/⁠⁠⁠⁠ YouTube: ⁠⁠⁠⁠@PaloAltoNetworksUnit42⁠⁠⁠⁠ Twitter: ⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠

This episode of Threat Vector outlines a conversation between host David Moulton, Director of Thought Leadership at Palo Alto Networks Unit 42, and Michael "Siko" Sikorski, Unit 42's CTO and VP of Engineering, discussing the Unit 42's 2024 Incident Response Report. They provide insights into key cyber threats and trends including preferred attack vectors, the escalating use of AI by threat actors, software vulnerabilities, the concept of 'living off the land' attacks, and the importance of robust incident response strategies. They also address the rising trend of business disruption, supply chain attacks, and share recommendations for mitigating these cyber threats.Resources:Read the 2024 Unit 42 Incident Response report.Episode 13: Cybersecurity in the AI Era: Insights from Unit 42's Kyle Wilhoit, Director of Threat ResearchJoin the conversation on our social media channels: Website: ⁠⁠⁠⁠https://www.paloaltonetworks.com/unit42⁠⁠⁠⁠ Threat Research: ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠ Facebook: ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠ LinkedIn: ⁠⁠⁠⁠https://www.linkedin.com/company/unit42/⁠⁠⁠⁠ YouTube: ⁠⁠⁠⁠@PaloAltoNetworksUnit42⁠⁠⁠⁠ Twitter: ⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠ About Threat VectorUnit 42 Threat Vector is the compass in the world of cyberthreats. Hear about Unit 42’s unique threat intelligence insights, new threat actor TTPs, real-world case studies, and learn how the team works together to discover these threats. Unit 42 will equip listeners with the knowledge and insight to proactively prepare and stay ahead in the ever-evolving threat landscape.Palo Alto NetworksPalo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile. ⁠http://paloaltonetworks.com⁠

Don’t miss out on the SecOps event of the year — Symphony 2024 on April 17-18. Join industry leaders, tech visionaries, and cybersecurity professionals. See firsthand how AI, automation, and machine learning can empower your team to predict, detect, and respond to threats faster than ever.***In this episode of Threat Vector, host David Moulton, Director of Thought Leadership at Unit 42, along with guests Sam Rubin, VP, Global Head of Operations, and Ingrid Parker, Senior Manager of the Intel Response Unit, dive deep into the critical vulnerabilities found in Ivanti's Connect Secure and Policy Secure products. They explore the vulnerabilities' potential impact, the urgency of mitigation, and strategies for defense. This discussion sheds light on the tactical and strategic responses necessitated by the current threat landscape, highlighting the collaboration between public directives and private sector response. They also discuss what Palo Alto Networks is doing to help the cybersecurity community at this time with a no-cost, no-obligation emergency bundle.Learn about the no-cost, no-obligation emergency bundle at https://www.paloaltonetworks.com/Ivanti-VPN-exploit-responseFor the latest insights and research on the Ivanti vulnerabilities, visit the Unit 42 Threat Research Center at https://unit42.paloaltonetworks.com/threat-brief-ivanti-cve-2023-46805-cve-2024-21887/ If you believe you are at risk because of an Ivanti Vulnerability, Palo Alto Networks is offering a no-cost, no-obligation emergency bundle for your organization. Join the conversation on our social media channels:Website: ⁠⁠⁠⁠https://www.paloaltonetworks.com/unit42⁠⁠⁠⁠Threat Research: ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠Facebook: ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠LinkedIn: ⁠⁠⁠⁠https://www.linkedin.com/company/unit42/⁠⁠⁠⁠YouTube: ⁠⁠⁠⁠@PaloAltoNetworksUnit42⁠⁠⁠⁠Twitter: ⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠About Threat VectorUnit 42 Threat Vector is the compass in the world of cyberthreats. Hear about Unit 42’s unique threat intelligence insights, new threat actor TTPs, real-world case studies, and learn how the team works together to discover these threats. Unit 42 will equip listeners with the knowledge and insight to proactively prepare and stay ahead in the ever-evolving threat landscape.Palo Alto NetworksPalo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile. ⁠http://paloaltonetworks.com⁠

Don’t miss out on the SecOps event of the year — Symphony 2024 on April 17-18. Join industry leaders, tech visionaries, and cybersecurity professionals. See firsthand how AI, automation, and machine learning can empower your team to predict, detect, and respond to threats faster than ever.******In this episode of Threat Vector, host David Moulton, Director of Thought Leadership at Unit 42, speaks with Oded Awaskar, an MDR Senior Manager - Threat-Hunting. Oded talks about how he got into threat-hunting, the evolving threat landscape, and the benefits and challenges of implementing a managed threat-hunting program. He also discusses how AI and ML might change the world of security operations and threat-hunting. The conversation ends with a lightning round of questions, where Oded addresses misconceptions related to threat-hunting and managed detection and response (MDR).If you are interested to learn more about Unit 42 World-Renowned threat hunters, visit https://www.paloaltonetworks.com/unit42/respond/managed-threat-hunting and https://www.paloaltonetworks.com/unit42/respond/managed-detection-responseDownload the datasheets: https://www.paloaltonetworks.com/resources/datasheets/unit42-ds-managed-threat-hunting https://www.paloaltonetworks.com/resources/datasheets/unit42-managed-detection-and-response Join the conversation on our social media channels:Website: ⁠⁠⁠⁠https://www.paloaltonetworks.com/unit42⁠⁠⁠⁠Threat Research: ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠Facebook: ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠LinkedIn: ⁠⁠⁠⁠https://www.linkedin.com/company/unit42/⁠⁠⁠⁠YouTube: ⁠⁠⁠⁠@PaloAltoNetworksUnit42⁠⁠⁠⁠Twitter: ⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠About Threat VectorUnit 42 Threat Vector is the compass in the world of cyberthreats. Hear about Unit 42’s unique threat intelligence insights, new threat actor TTPs, real-world case studies, and learn how the team works together to discover these threats. Unit 42 will equip listeners with the knowledge and insight to proactively prepare and stay ahead in the ever-evolving threat landscape.Palo Alto NetworksPalo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile. ⁠http://paloaltonetworks.com⁠

Don’t miss out on the SecOps event of the year — Symphony 2024 on April 17-18. Join industry leaders, tech visionaries, and cybersecurity professionals. See firsthand how AI, automation, and machine learning can empower your team to predict, detect, and respond to threats faster than ever.Join us on the latest episode of Threat Vector to dive into the evolving world of AI in cybersecurity with Kyle Wilhoit, director of threat research at Unit 42. The podcast also touches on the threat research published by Unit 42 regarding the unique characteristics of Medusa ransomware with Unit 42 researchers Doel Santos, principal threat researcher, and Anthony Galiette, senior malware reverse engineer.This thought-provoking discussion, hosted by David Moulton, director of thought leadership at Unit 42, focuses on the current state and future trends of AI in cyberthreats. Discover how AI is reshaping the landscape of cyberattacks, the role of generative AI in threat actor tactics, and the challenges of attribution in AI-driven cyberattacks.Wilhoit shares his perspectives on the notable use cases where adversarial AI techniques have been employed and how cybersecurity professionals can adapt to these emerging challenges. Learn about the balance between targeted and non-targeted AI-driven attacks and the strategies being developed to counteract them effectively.The conversation then shifts to new research on Medusa ransomware, with experts Santos and Galiette, offering a snapshot of the threat intel they published on the Unit 42 Threat Research Center. Their research exposes how Medusa employs sophisticated methods for propagation and evasion, a unique multi-extortion strategy, transparently pressurizing victims with online ransom demands, and a detailed breakdown of Medusa ransomware's operations and the proactive protective measures suggested by Palo Alto Networks.Stay ahead of the curve in the cybersecurity world by subscribing to Threat Vector.Join the conversation on our social media channels:Website: ⁠⁠⁠⁠https://www.paloaltonetworks.com/unit42⁠⁠⁠⁠Threat Research: ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠Facebook: ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠LinkedIn: ⁠⁠⁠⁠https://www.linkedin.com/company/unit42/⁠⁠⁠⁠YouTube: ⁠⁠⁠⁠@PaloAltoNetworksUnit42⁠⁠⁠⁠Twitter: ⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠About Threat VectorUnit 42 Threat Vector is the compass in the world of cyberthreats. Hear about Unit 42’s unique threat intelligence insights, new threat actor TTPs, real-world case studies, and learn how the team works together to discover these threats. Unit 42 will equip listeners with the knowledge and insight to proactively prepare and stay ahead in the ever-evolving threat landscape.Palo Alto NetworksPalo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile. ⁠http://paloaltonetworks.com⁠

Don’t miss out on the SecOps event of the year — Symphony 2024 on April 17-18. Join industry leaders, tech visionaries, and cybersecurity professionals. See firsthand how AI, automation, and machine learning can empower your team to predict, detect, and respond to threats faster than ever.This episode features Garrett Boyd, a senior consultant with a background as a Marine and professor, discusses the importance of internal training and mentorship in cybersecurity. He provides insights into how training prepares professionals for industry challenges and how mentorship fosters professional growth and innovation. Garrett emphasizes the need for a mentorship culture in organizations and the responsibility of both mentors and mentees in this dynamic. The episode highlights the transformative impact of mentorship through personal experiences and concludes with an invitation for listeners to share their stories and a reminder to stay vigilant in the digital world.Join the conversation on our social media channels:Website: ⁠⁠⁠⁠https://www.paloaltonetworks.com/unit42⁠⁠⁠⁠Threat Research: ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠Facebook: ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠LinkedIn: ⁠⁠⁠⁠https://www.linkedin.com/company/unit42/⁠⁠⁠⁠YouTube: ⁠⁠⁠⁠@PaloAltoNetworksUnit42⁠⁠⁠⁠Twitter: ⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠About Threat VectorUnit 42 Threat Vector is the compass in the world of cyberthreats. Hear about Unit 42’s unique threat intelligence insights, new threat actor TTPs, real-world case studies, and learn how the team works together to discover these threats. Unit 42 will equip listeners with the knowledge and insight to proactively prepare and stay ahead in the ever-evolving threat landscape.PALO ALTO NETWORKS Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile. ⁠⁠http://paloaltonetworks.com⁠