# Palo Alto Networks

## APT

## [Through the Cortex XDR Lens: Uncovering a New Activity Group Targeting Governments in the Middle East and Africa](https://origin-researchcenter.paloaltonetworks.com/blog/security-operations/through-the-cortex-xdr-lens-uncovering-a-new-activity-group-targeting-governments-in-the-middle-east-and-africa/)

This blog is about a new activity group that was observed targeting governments in the Middle East and Africa with some rare TTPs.

[Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [News and Events](https://www.paloaltonetworks.com/blog/security-operations/category/news-and-events/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown)

Jun 14, 2023 By [Lior Rochberger](https://www.paloaltonetworks.com/blog/author/lior-rochberger/?ts=markdown "Posts by Lior Rochberger")

[Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown)

## [Exposing the Sophisticated Cyber Espionage Tool Known as BendyBear](https://origin-researchcenter.paloaltonetworks.com/blog/2021/02/u42-bendybear/)

Unit 42 has disclosed the discovery of BendyBear, extremely stealthy malware that is one of the most sophisticated cyber espionage tools seen to date.

Feb 09, 2021 By [Ryan Olson](https://www.paloaltonetworks.com/blog/author/ryan-olson/?ts=markdown "Posts by Ryan Olson")

[CSO Perspective](https://www.paloaltonetworks.com/blog/category/cso-perspective/?ts=markdown), [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Predictions](https://www.paloaltonetworks.com/blog/category/predictions/?ts=markdown)

## [2016 Prediction #11: Looking Ahead to Cybersecurity in 2016](https://origin-researchcenter.paloaltonetworks.com/blog/2015/12/2016-prediction-11-looking-ahead-to-cybersecurity-in-2016/)

This is the eleventh in our series of cybersecurity predictions for 2016. Stay tuned for more through the end of the year.

Dec 17, 2015 By [Greg Day](https://www.paloaltonetworks.com/blog/author/greg-day/?ts=markdown "Posts by Greg Day")

[Endpoint](https://www.paloaltonetworks.com/blog/category/endpoint-2/?ts=markdown), [Threat Prevention](https://www.paloaltonetworks.com/blog/category/threat-prevention-2/?ts=markdown)

## [How Well Do You Know Your Zero Days and APTs?](https://origin-researchcenter.paloaltonetworks.com/blog/2015/01/well-know-zero-days-apts/)

It's time to take the Zero Day & APT Challenge, where knowledge of the worst threats out there could win you great prizes.

Jan 22, 2015 By [Karine Gidali](https://www.paloaltonetworks.com/blog/author/karine-gidali/?ts=markdown "Posts by Karine Gidali")

[Endpoint](https://www.paloaltonetworks.com/blog/category/endpoint-2/?ts=markdown), [Events](https://www.paloaltonetworks.com/blog/category/events/?ts=markdown)

## [Endpoint Security Redefined: Learn All About Advanced Endpoint Protection](https://origin-researchcenter.paloaltonetworks.com/blog/2014/11/endpoint-security-redefined-learn-advanced-endpoint-protection/)

Palo Alto Networks Advanced Endpoint Protection is a complete paradigm shift from detection and remediation to pure prevention: intended to shut the door on advanced threats that c...

Nov 10, 2014 By [Chad Berndtson](https://www.paloaltonetworks.com/blog/author/cberndston/?ts=markdown "Posts by Chad Berndtson")

[Events](https://www.paloaltonetworks.com/blog/category/events/?ts=markdown), [News of the Week](https://www.paloaltonetworks.com/blog/category/news-of-the-week/?ts=markdown)

## [Palo Alto Networks News of the Week -- November 1](https://origin-researchcenter.paloaltonetworks.com/blog/2014/11/palo-alto-networks-news-week-november-1/)

Here's all of the Palo Alto Networks news from the past week.

Nov 01, 2014 By [Chad Berndtson](https://www.paloaltonetworks.com/blog/author/cberndston/?ts=markdown "Posts by Chad Berndtson")

[Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Web Security](https://www.paloaltonetworks.com/blog/category/web-security/?ts=markdown)

## [Web security tips: How PAN-DB works](https://origin-researchcenter.paloaltonetworks.com/blog/2014/10/web-security-tips-pan-db-works/)

PAN-DB is our URL and IP database, designed to fulfill an enterprise's web security needs. PAN-DB is tightly integrated into PAN-OS, providing you Advanced Persistent Threat (APT) protection with high-performance beyond traditional URL filtering.

Oct 29, 2014 By [Palo Alto Networks](https://www.paloaltonetworks.com/blog/author/palo-alto-networks-staff/?ts=markdown "Posts by Palo Alto Networks")

[Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown)

## [Stop APT From Wreaking Havoc On Your Network](https://origin-researchcenter.paloaltonetworks.com/blog/2014/04/stop-apts-wreaking-havoc-network/)

What you don't know about the traffic on your network can hurt you. Check out the infographic below on Advanced Persistent Threats (APT) and learn more about how to protect your network from APTs with Palo Alto...

Apr 14, 2014 By [Scott Simkin](https://www.paloaltonetworks.com/blog/author/scott-simkin/?ts=markdown "Posts by Scott Simkin")

[Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Threat Prevention](https://www.paloaltonetworks.com/blog/category/threat-prevention-2/?ts=markdown)

## [Palo Alto Networks Has Windows XP Users Covered](https://origin-researchcenter.paloaltonetworks.com/blog/2014/04/palo-alto-networks-has-windows-xp-users-covered/)

This week Microsoft ends support for Windows XP, and organizations will no longer receive security updates or patches for the still widely used operating system.

Apr 08, 2014 By [Scott Simkin](https://www.paloaltonetworks.com/blog/author/scott-simkin/?ts=markdown "Posts by Scott Simkin")

[Threat Advisory/Analysis](https://www.paloaltonetworks.com/blog/category/threat-advisory-analysis/?ts=markdown), [Threat Prevention](https://www.paloaltonetworks.com/blog/category/threat-prevention-2/?ts=markdown)

## [Palo Alto Networks Finds Critical Vulnerabilities in Latest Version of Inte...](https://origin-researchcenter.paloaltonetworks.com/blog/2013/11/palo-alto-networks-finds-critical-vulnerabilities-latest-version-internet-explorer/)

This week, Palo Alto Networks researcher, Bo Qu, was credited with discovering 3 distinct critical vulnerabilities in Microsoft Internet Explorer. The...

Nov 14, 2013 By [Palo Alto Networks](https://www.paloaltonetworks.com/blog/author/palo-alto-networks-staff/?ts=markdown "Posts by Palo Alto Networks")

[Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown)

## [Cyberattacks: Why You May Not Be Completely Prepared](https://origin-researchcenter.paloaltonetworks.com/blog/2013/07/cyberattacks-why-you-may-not-be-completely-prepared/)

\*\*This post was originally published on Verizon Enterprise, here.

Jul 10, 2013 By [Palo Alto Networks](https://www.paloaltonetworks.com/blog/author/palo-alto-networks-staff/?ts=markdown "Posts by Palo Alto Networks")