Researchers decrypt Palo Alto Cortex XDR BIOC rules and expose major evasion blind spot
VPN Central [Unofficial]
March 17, 2026
Security researchers say they were able to decrypt Palo Alto Networks Cortex XDR’s preconfigured Behavioral Indicators of Compromise, or BIOC, rules and uncover a major evasion weakness inside them. InfoGuard Labs found that some rules relied on broad built-in exceptions, including one tied to the string \Windows\ccmcache, which could let common attacker actions slip past […]