* [Blog](https://www2.paloaltonetworks.com/blog) * [Palo Alto Networks](https://www2.paloaltonetworks.com/blog/corporate) * Threat Advisories - Advisories # Palo Alto Networks ## Threat Advisories - Advisories [![How Cortex Xpanse Can Identify CISA-Identified Known Exploited Vulnerabilities](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2022/03/iStock-949580950.jpg)](https://www2.paloaltonetworks.com/blog/security-operations/cortex-xpanse-identify-cisa-kev/) [How Cortex Xpanse Can Identify CISA-Identified Known Exploited Vulnerabilities \------------------------------------------------------------------------------](https://www2.paloaltonetworks.com/blog/security-operations/cortex-xpanse-identify-cisa-kev/) In late 2021, the U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (DHS/CISA) issued Binding Operational Directive 22-01 (BOD 22-01), which introduced a list of Known Exploited Vulnerabilities (KEVs) that threat actors have exploited. Cortex Xpanse can help users to find potentially-impacte... [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown) [Secure the Enterprise](https://www.paloaltonetworks.com/blog/category/secure-the-enterprise/?ts=markdown) [Threat Advisories - Advisories](https://www.paloaltonetworks.com/blog/category/threat-advisories-advisories/?ts=markdown) [Tip of the Week](https://www.paloaltonetworks.com/blog/category/tip-of-the-week/?ts=markdown) Mar 22, 2022 By [Cyrus Revand](https://www.paloaltonetworks.com/blog/author/cyrus-revand/?ts=markdown "Posts by Cyrus Revand") ## Palo Alto Networks *** ** * ** *** [Announcements](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown) *** ** * ** *** [Company \& Culture](https://www.paloaltonetworks.com/blog/category/company-culture/?ts=markdown) *** ** * ** *** [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown) *** ** * ** *** [Public Sector](https://www.paloaltonetworks.com/blog/category/public-sector/?ts=markdown) *** ** * ** *** [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown) *** ** * ** *** [Partners](https://www.paloaltonetworks.com/blog/category/partners/?ts=markdown) *** ** * ** *** [](https://www2.paloaltonetworks.com/blog/2016/06/palo-alto-networks-researcher-discovers-3-new-critical-ie-vulnerabilities/) [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Threat Advisories - Advisories](https://www.paloaltonetworks.com/blog/category/threat-advisories-advisories/?ts=markdown) ## [Palo Alto Networks Researcher Discovers 3 New Critical IE Vulnerabilities](https://www2.paloaltonetworks.com/blog/2016/06/palo-alto-networks-researcher-discovers-3-new-critical-ie-vulnerabilities/) Palo Alto Networks researcher Tao Yan is credited with the discovery of three new critical Microsoft vulnerabilities in June's bulletin -- CVE-2016-32... Jun 14, 2016 By [Ryan Olson](https://www.paloaltonetworks.com/blog/author/ryan-olson/?ts=markdown "Posts by Ryan Olson") ![Chinese Taomike Monetization Library Steals SMS Messages](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2015/10/blog-generic-banner.jpg) [Application Advisory/Analysis](https://www.paloaltonetworks.com/blog/category/application-analysis/?ts=markdown), [Malware](https://www.paloaltonetworks.com/blog/category/malware-2/?ts=markdown), [Mobility](https://www.paloaltonetworks.com/blog/category/mobility/?ts=markdown), [Threat Advisories - Advisories](https://www.paloaltonetworks.com/blog/category/threat-advisories-advisories/?ts=markdown), [Threat Prevention](https://www.paloaltonetworks.com/blog/category/threat-prevention-2/?ts=markdown), [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ## [Chinese Taomike Monetization Library Steals SMS Messages](https://www2.paloaltonetworks.com/blog/2015/10/chinese-taomike-monetization-library-steals-sms-messages/) Mobile app creators are often looking for ways to monetize their software. One of the most common ways to do this is by displaying advertisements to u... Oct 21, 2015 By [Zhi Xu](https://www.paloaltonetworks.com/blog/author/zhi-xu/?ts=markdown "Posts by Zhi Xu") and [Claud Xiao](https://www.paloaltonetworks.com/blog/author/claud-xiao/?ts=markdown "Posts by Claud Xiao") [](https://www2.paloaltonetworks.com/blog/2015/03/palo-alto-networks-autofocus-actionable-cyber-threat-intelligence-like-youve-never-seen-before/) [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Ignite](https://www.paloaltonetworks.com/blog/category/ignite/?ts=markdown), [Threat Advisories - Advisories](https://www.paloaltonetworks.com/blog/category/threat-advisories-advisories/?ts=markdown), [Threat Advisory/Analysis](https://www.paloaltonetworks.com/blog/category/threat-advisory-analysis/?ts=markdown), [Vertical](https://www.paloaltonetworks.com/blog/category/vertical/?ts=markdown) ## [Palo Alto Networks AutoFocus: Actionable Cyber Threat Intelligence Like You...](https://www2.paloaltonetworks.com/blog/2015/03/palo-alto-networks-autofocus-actionable-cyber-threat-intelligence-like-youve-never-seen-before/) Trying to find advanced, targeted attacks can be an exercise in frustration, akin to finding a needle in a haystack. Wit... Mar 31, 2015 By [Scott Simkin](https://www.paloaltonetworks.com/blog/author/scott-simkin/?ts=markdown "Posts by Scott Simkin") [](https://www2.paloaltonetworks.com/blog/2015/01/scareware-app-downloaded-million-times-google-play/) [Application Advisory/Analysis](https://www.paloaltonetworks.com/blog/category/application-analysis/?ts=markdown), [Mobility](https://www.paloaltonetworks.com/blog/category/mobility/?ts=markdown), [Threat Advisories - Advisories](https://www.paloaltonetworks.com/blog/category/threat-advisories-advisories/?ts=markdown), [Threat Prevention](https://www.paloaltonetworks.com/blog/category/threat-prevention-2/?ts=markdown), [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ## [Scareware App Downloaded Over a Million Times from Google Play](https://www2.paloaltonetworks.com/blog/2015/01/scareware-app-downloaded-million-times-google-play/) We have recently been investigating an antivirus app in the Google Play store that was displaying fake virus detection r... Jan 22, 2015 By [Claud Xiao](https://www.paloaltonetworks.com/blog/author/claud-xiao/?ts=markdown "Posts by Claud Xiao") [](https://www2.paloaltonetworks.com/blog/2014/12/dtls-vulnerabilities-cve-2014-6321/) [Threat Advisories - Advisories](https://www.paloaltonetworks.com/blog/category/threat-advisories-advisories/?ts=markdown), [Threat Prevention](https://www.paloaltonetworks.com/blog/category/threat-prevention-2/?ts=markdown), [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ## [DTLS Vulnerabilities in CVE-2014-6321](https://www2.paloaltonetworks.com/blog/2014/12/dtls-vulnerabilities-cve-2014-6321/) Microsoft recently released a patch for a critical vulnerability in Microsoft Secure Channel (aka Schannel). This vulnerability is being referred to as MS14-066. The patch addressing CVE-2014-6321 fixed many areas within schannel.dll, inc... Dec 10, 2014 By [Jin Chen](https://www.paloaltonetworks.com/blog/author/jin-chen/?ts=markdown "Posts by Jin Chen") and [Shengming Xu](https://www.paloaltonetworks.com/blog/author/shengming-xu/?ts=markdown "Posts by Shengming Xu") [](https://www2.paloaltonetworks.com/blog/2014/09/addressing-bash-vulnerability-shellshock-palo-alto-networks-mitigation-cve-2014-6271/) [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Threat Advisories - Advisories](https://www.paloaltonetworks.com/blog/category/threat-advisories-advisories/?ts=markdown), [Threat Prevention](https://www.paloaltonetworks.com/blog/category/threat-prevention-2/?ts=markdown), [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ## [Palo Alto Networks Addresses Bash Vulnerability Shellshock: Mitigation for ...](https://www2.paloaltonetworks.com/blog/2014/09/addressing-bash-vulnerability-shellshock-palo-alto-networks-mitigation-cve-2014-6271/) Around 6:00 am PST on September 24, the details of a vulnerability in the widely used Bourne Again Shell (Bash) were disclosed by multiple Linux vendo... Sep 25, 2014 By [Ryan Olson](https://www.paloaltonetworks.com/blog/author/ryan-olson/?ts=markdown "Posts by Ryan Olson") [](https://www2.paloaltonetworks.com/blog/2014/08/examining-chs-breach-heartbleed-exploitation/) [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Malware](https://www.paloaltonetworks.com/blog/category/malware-2/?ts=markdown), [Threat Advisories - Advisories](https://www.paloaltonetworks.com/blog/category/threat-advisories-advisories/?ts=markdown), [Threat Advisory/Analysis](https://www.paloaltonetworks.com/blog/category/threat-advisory-analysis/?ts=markdown), [Threat Prevention](https://www.paloaltonetworks.com/blog/category/threat-prevention-2/?ts=markdown), [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ## [Examining the CHS Breach and Heartbleed Exploitation](https://www2.paloaltonetworks.com/blog/2014/08/examining-chs-breach-heartbleed-exploitation/) Yesterday, TrustedSec, a security consultancy based on Ohio, wrote that the recent breach at Community Health Systems (CHS) was the result of exploita... Aug 20, 2014 By [Ryan Olson](https://www.paloaltonetworks.com/blog/author/ryan-olson/?ts=markdown "Posts by Ryan Olson") [](https://www2.paloaltonetworks.com/blog/2014/08/hunting-mutex/) [Malware](https://www.paloaltonetworks.com/blog/category/malware-2/?ts=markdown), [Threat Advisories - Advisories](https://www.paloaltonetworks.com/blog/category/threat-advisories-advisories/?ts=markdown), [Threat Advisory/Analysis](https://www.paloaltonetworks.com/blog/category/threat-advisory-analysis/?ts=markdown), [Threat Prevention](https://www.paloaltonetworks.com/blog/category/threat-prevention-2/?ts=markdown), [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ## [Hunting the Mutex](https://www2.paloaltonetworks.com/blog/2014/08/hunting-mutex/) Mutex analysis is an often overlooked and useful tool for malware author fingerprinting, family classification, and even discovery. Far from the hypothesized "huge amount of variability" in mutex names, likely... Aug 14, 2014 By [Palo Alto Networks](https://www.paloaltonetworks.com/blog/author/palo-alto-networks-staff/?ts=markdown "Posts by Palo Alto Networks") [](https://www2.paloaltonetworks.com/blog/2014/08/backoff-citadel-abuse-remote-access-tools/) [Threat Advisories - Advisories](https://www.paloaltonetworks.com/blog/category/threat-advisories-advisories/?ts=markdown), [Threat Prevention](https://www.paloaltonetworks.com/blog/category/threat-prevention-2/?ts=markdown), [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ## [Backoff and Citadel Abuse Remote Access Tools](https://www2.paloaltonetworks.com/blog/2014/08/backoff-citadel-abuse-remote-access-tools/) Recent events continue to highlight the abuse of remote access applications in the enterprise. Last Tuesday, Trusteer reported that a new variant of Citadel, which has long relied on VNC to give attackers remot... Aug 04, 2014 By [Rob Downs](https://www.paloaltonetworks.com/blog/author/rob-downs/?ts=markdown "Posts by Rob Downs") and [Ryan Olson](https://www.paloaltonetworks.com/blog/author/ryan-olson/?ts=markdown "Posts by Ryan Olson") [](https://www2.paloaltonetworks.com/blog/2014/08/new-release-decrypting-netwire-c2-traffic/) [Threat Advisories - Advisories](https://www.paloaltonetworks.com/blog/category/threat-advisories-advisories/?ts=markdown), [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ## [New Release: Decrypting NetWire C2 Traffic](https://www2.paloaltonetworks.com/blog/2014/08/new-release-decrypting-netwire-c2-traffic/) On July 22, Palo Alto Networks threat intelligence team, Unit 42, released our first report on the evolution of "Silver Spaniel" 419 scammers. Of particular note is how these actors use a Remote Administration... Aug 04, 2014 By [Phil Da Silva](https://www.paloaltonetworks.com/blog/author/phil-da-silva/?ts=markdown "Posts by Phil Da Silva"), [Rob Downs](https://www.paloaltonetworks.com/blog/author/rob-downs/?ts=markdown "Posts by Rob Downs") and [Ryan Olson](https://www.paloaltonetworks.com/blog/author/ryan-olson/?ts=markdown "Posts by Ryan Olson") [](https://www2.paloaltonetworks.com/blog/2014/07/beginning-end-use-free-exploitation/) [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Malware](https://www.paloaltonetworks.com/blog/category/malware-2/?ts=markdown), [Threat Advisories - Advisories](https://www.paloaltonetworks.com/blog/category/threat-advisories-advisories/?ts=markdown), [Threat Prevention](https://www.paloaltonetworks.com/blog/category/threat-prevention-2/?ts=markdown), [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ## [Is It the Beginning of the End For Use-After-Free Exploitation?](https://www2.paloaltonetworks.com/blog/2014/07/beginning-end-use-free-exploitation/) Use-after-free bugs have affected Internet Explorer for years. In the past year alone, Microsoft patched 122 IE vulnerabilities, the majority of which... Jul 16, 2014 By [Tao Yan](https://www.paloaltonetworks.com/blog/author/tao-yan/?ts=markdown "Posts by Tao Yan"), [Bo Qu](https://www.paloaltonetworks.com/blog/author/bo-qu/?ts=markdown "Posts by Bo Qu") and [Royce Lu](https://www.paloaltonetworks.com/blog/author/royce-lu/?ts=markdown "Posts by Royce Lu") [](https://www2.paloaltonetworks.com/blog/2014/07/iptables-backdoor-even-linux-risk-intrusion/) [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Malware](https://www.paloaltonetworks.com/blog/category/malware-2/?ts=markdown), [Threat Advisories - Advisories](https://www.paloaltonetworks.com/blog/category/threat-advisories-advisories/?ts=markdown), [Threat Prevention](https://www.paloaltonetworks.com/blog/category/threat-prevention-2/?ts=markdown), [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ## [Iptables Backdoor: Even Linux Is At Risk of Intrusion](https://www2.paloaltonetworks.com/blog/2014/07/iptables-backdoor-even-linux-risk-intrusion/) A backdoor implant is an increasingly common mechanism for maintaining unauthorized access and control over a computer asset. The terms remote administration tool (RAT) and trojan... Jul 16, 2014 By [Jin Chen](https://www.paloaltonetworks.com/blog/author/jin-chen/?ts=markdown "Posts by Jin Chen") [](https://www2.paloaltonetworks.com/blog/2014/07/sms-based-app-purchase-android-worth-risk/) [Application Advisory/Analysis](https://www.paloaltonetworks.com/blog/category/application-analysis/?ts=markdown), [Malware](https://www.paloaltonetworks.com/blog/category/malware-2/?ts=markdown), [Mobility](https://www.paloaltonetworks.com/blog/category/mobility/?ts=markdown), [Threat Advisories - Advisories](https://www.paloaltonetworks.com/blog/category/threat-advisories-advisories/?ts=markdown), [Threat Prevention](https://www.paloaltonetworks.com/blog/category/threat-prevention-2/?ts=markdown), [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ## [SMS-Based In-App Purchase on Android Is Not Worth The Risk](https://www2.paloaltonetworks.com/blog/2014/07/sms-based-app-purchase-android-worth-risk/) In-App Purchase (IAP) has become a popular way to sell services and virtual items through mobile applications. In the An... Jul 15, 2014 By [Claud Xiao](https://www.paloaltonetworks.com/blog/author/claud-xiao/?ts=markdown "Posts by Claud Xiao") and [Zhi Xu](https://www.paloaltonetworks.com/blog/author/zhi-xu/?ts=markdown "Posts by Zhi Xu") [](https://www2.paloaltonetworks.com/blog/2014/07/palo-alto-networks-offers-threat-mitigation-havex-dragonfly-variants/) [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Malware](https://www.paloaltonetworks.com/blog/category/malware-2/?ts=markdown), [SCADA \& ICS](https://www.paloaltonetworks.com/blog/category/scada-ics/?ts=markdown), [Threat Advisories - Advisories](https://www.paloaltonetworks.com/blog/category/threat-advisories-advisories/?ts=markdown), [Threat Prevention](https://www.paloaltonetworks.com/blog/category/threat-prevention-2/?ts=markdown) ## [Palo Alto Networks Offers Threat Mitigation for Havex, DragonFly and Varian...](https://www2.paloaltonetworks.com/blog/2014/07/palo-alto-networks-offers-threat-mitigation-havex-dragonfly-variants/) Palo Alto Networks has been tracking Havex for quite a while and we've regularly found samples via WildFire, providing coverage via antivirus and addi... Jul 10, 2014 By [John Harrison](https://www.paloaltonetworks.com/blog/author/john-harrison/?ts=markdown "Posts by John Harrison") [](https://www2.paloaltonetworks.com/blog/2014/07/palo-alto-networks-discovers-additional-10-critical-internet-explorer-vulnerabilities/) [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Firewall](https://www.paloaltonetworks.com/blog/category/firewall/?ts=markdown), [Threat Advisories - Advisories](https://www.paloaltonetworks.com/blog/category/threat-advisories-advisories/?ts=markdown), [Threat Prevention](https://www.paloaltonetworks.com/blog/category/threat-prevention-2/?ts=markdown) ## [Palo Alto Networks Discovers Additional 10 Critical Internet Explorer Vulne...](https://www2.paloaltonetworks.com/blog/2014/07/palo-alto-networks-discovers-additional-10-critical-internet-explorer-vulnerabilities/) Palo Alto Networks researchers discovered 10 new critical Internet Explorer (IE) vulnerabilities covering IE versions 6, 7, 8, 9, 10 and 11. Jul 08, 2014 By [Scott Simkin](https://www.paloaltonetworks.com/blog/author/scott-simkin/?ts=markdown "Posts by Scott Simkin") [](https://www2.paloaltonetworks.com/blog/2014/05/latest-kuluoz-spam-campaign-kicks/) [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Threat Advisories - Advisories](https://www.paloaltonetworks.com/blog/category/threat-advisories-advisories/?ts=markdown), [Threat Advisory/Analysis](https://www.paloaltonetworks.com/blog/category/threat-advisory-analysis/?ts=markdown), [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ## [The Latest Kuluoz Spam Campaign Kicks Off](https://www2.paloaltonetworks.com/blog/2014/05/latest-kuluoz-spam-campaign-kicks/) At 06:47 PST on May 20 Palo Alto Networks WildFire detected the start of the latest Kuluoz spam campaign. The total number of e-mails detected quickly rose to over 30,000 per hour... May 20, 2014 By [Ryan Olson](https://www.paloaltonetworks.com/blog/author/ryan-olson/?ts=markdown "Posts by Ryan Olson") [](https://www2.paloaltonetworks.com/blog/2014/05/funtasy-trojan-targets-spanish-android-users-sneaky-sms-charges/) [Threat Advisories - Advisories](https://www.paloaltonetworks.com/blog/category/threat-advisories-advisories/?ts=markdown), [Threat Prevention](https://www.paloaltonetworks.com/blog/category/threat-prevention-2/?ts=markdown), [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ## [Funtasy Trojan Targets Spanish Android Users with Sneaky SMS Charges](https://www2.paloaltonetworks.com/blog/2014/05/funtasy-trojan-targets-spanish-android-users-sneaky-sms-charges/) (more...) May 12, 2014 By [Zhi Xu](https://www.paloaltonetworks.com/blog/author/zhi-xu/?ts=markdown "Posts by Zhi Xu"), [Claud Xiao](https://www.paloaltonetworks.com/blog/author/claud-xiao/?ts=markdown "Posts by Claud Xiao") and [Ryan Olson](https://www.paloaltonetworks.com/blog/author/ryan-olson/?ts=markdown "Posts by Ryan Olson") [](https://www2.paloaltonetworks.com/blog/2014/05/tale-3-vulnerabilities-cve-2014-1776-exploit-linked-previous-attacks/) [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Threat Advisories - Advisories](https://www.paloaltonetworks.com/blog/category/threat-advisories-advisories/?ts=markdown), [Threat Prevention](https://www.paloaltonetworks.com/blog/category/threat-prevention-2/?ts=markdown), [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ## [A Tale of 3 Vulnerabilities, CVE-2014-1776 Exploit Linked to Previous Attac...](https://www2.paloaltonetworks.com/blog/2014/05/tale-3-vulnerabilities-cve-2014-1776-exploit-linked-previous-attacks/) Late last month reports surfaced that a new Internet Explorer vulnerability (CVE-2014-1776) was being exploited in targeted attacks. The vulnerability... May 02, 2014 By [Bo Qu](https://www.paloaltonetworks.com/blog/author/bo-qu/?ts=markdown "Posts by Bo Qu") [](https://www2.paloaltonetworks.com/blog/2014/04/palo-alto-networks-protects-customers-critical-ie-vulnerability-cve-2014-1776/) [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Threat Advisories - Advisories](https://www.paloaltonetworks.com/blog/category/threat-advisories-advisories/?ts=markdown), [Threat Prevention](https://www.paloaltonetworks.com/blog/category/threat-prevention-2/?ts=markdown), [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ## [Palo Alto Networks Protects Customers From Critical IE Vulnerability CVE-20...](https://www2.paloaltonetworks.com/blog/2014/04/palo-alto-networks-protects-customers-critical-ie-vulnerability-cve-2014-1776/) On Saturday, Microsoft disclosed a critical vulnerability in Internet Explorer, CVE-2014-1776, affecting Internet Explorer versions 6 through 11. The... Apr 29, 2014 By [Scott Simkin](https://www.paloaltonetworks.com/blog/author/scott-simkin/?ts=markdown "Posts by Scott Simkin") [](https://www2.paloaltonetworks.com/blog/2014/04/cardbuyer-new-smart-android-trojan/) [Malware](https://www.paloaltonetworks.com/blog/category/malware-2/?ts=markdown), [Mobility](https://www.paloaltonetworks.com/blog/category/mobility/?ts=markdown), [Threat Advisories - Advisories](https://www.paloaltonetworks.com/blog/category/threat-advisories-advisories/?ts=markdown), [Threat Prevention](https://www.paloaltonetworks.com/blog/category/threat-prevention-2/?ts=markdown), [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ## [Cardbuyer: New Smart Android Trojan Defeats Multi-factor Verification and S...](https://www2.paloaltonetworks.com/blog/2014/04/cardbuyer-new-smart-android-trojan/) On April 21st our WildFire analysis cloud detected a new Android Trojan, which is currently completely undetected in VirusTotal and uses a new combina... Apr 24, 2014 By [Claud Xiao](https://www.paloaltonetworks.com/blog/author/claud-xiao/?ts=markdown "Posts by Claud Xiao") and [Zhi Xu](https://www.paloaltonetworks.com/blog/author/zhi-xu/?ts=markdown "Posts by Zhi Xu") Load more blogs Load more blogs ### Subscribe to the Newsletter! Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more. ![spinner](https://www2.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up Please enter a valid email. By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder. This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply. {#footer} {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2026 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language