{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreidfurauwtfs3rz6c3gf4axuux5g62ao6nv655rp4xzwqbmv6yivhm",
    "uri": "at://did:plc:6wtxqaikjf62unmnajbfbq5v/app.bsky.feed.post/3mhbcjgnmcoq2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreidxpsojs56pxv4uoobhzt6o7hg732dw5hi6gvwbluycky66dnruya"
    },
    "mimeType": "image/jpeg",
    "size": 68039
  },
  "path": "/researchers-decrypt-palo-alto-cortex-xdr-bioc-rules-and-expose-major-evasion-blind-spot/",
  "publishedAt": "2026-03-17T08:45:18.000Z",
  "site": "https://vpncentral.com",
  "tags": [
    "News",
    "Researchers decrypt Palo Alto Cortex XDR BIOC rules and expose major evasion blind spot",
    "VPN Central"
  ],
  "textContent": "Security researchers say they were able to decrypt Palo Alto Networks Cortex XDR’s preconfigured Behavioral Indicators of Compromise, or BIOC, rules and uncover a major evasion weakness inside them. InfoGuard Labs found that some rules relied on broad built-in exceptions, including one tied to the string \\Windows\\ccmcache, which could let common attacker actions slip past […]\n\nThe post Researchers decrypt Palo Alto Cortex XDR BIOC rules and expose major evasion blind spot appeared first on VPN Central.",
  "title": "Researchers decrypt Palo Alto Cortex XDR BIOC rules and expose major evasion blind spot"
}