In today's podcast, we hear that AMD continues its investigation of the backdoors and other vulnerabilities CTS Labs publicly disclosed. That disclosure remains controversial. BlackTDS offers malware distribution as-a-service on the black market.
I know a lot of persuasive folks in the cybersecurity community who can easily conjure up a dozen different cyberattack scenarios detailed enough to scare the socks off any board member. Many of us have been hearing about these hypothetical disasters for a decade or longer.
Researchers have discovered a new malware that steals cryptocurrency and other electronic funds by surreptitiously modifying wallet or payment information whenever victims copy it to their devices' clipboards.
International Women's Day is a great time to bring up the fact that the young members of the Girl Scouts of the USA will soon be able to do their part to help buttress the number of women in cybersecurity by working toward earning badges in that exact skill.
A newly discovered piece of malware is capable of stealing a variety of crypto-coins from its victims by replacing legitimate wallet addresses with the attacker's own.
Dubbed ComboJack, the malware performs its nefarious activity by monitoring the user clipboard and replacing targeted addresses there. This is the same technique that was recently observed being used by the Evrial Trojan and the CryptoShuffler malware, but the new threat targets multiple virtual currencies.
If you think being a Girl Scout is all camping, crafting, and cooking, think again.
For the first time, millions of Girl Scouts nationwide are taking on hacking and cybercrime as they work towards earning newly introduced cybersecurity badges.
Security researchers have discovered a new malware strain that is capable of detecting when users copy a cryptocurrency address to the Windows clipboard. The malware works by replacing this address with one owned by its author.
Rick Howard talks about using tools to reduce the manual response aspect of reacting to a cybersecurity event. He details his definition of terms like extensibility and flexibility when it comes to managing federal resources. During the interview, he talks about concepts like the cyber kill chain, doxing, and threat intelligence sharing.
When attackers gain a foothold in the network, they use their privileges to explore their surroundings, expand their realm of control and achieve their ultimate objective: stealing, modifying or destroying sensitive data. Blending in with legitimate users, they can infiltrate organizations and dwell inside networks for months or even years without being detected.
A newly discovered malicious URL redirection campaign that infects users with the XMRig Monero cryptocurrency miner has already victimized users between 15 and 30 million times, researchers have reported.
Malware that secretly mines Monero is becoming a real problem in the real world, with the number of different incidents growing with each week. For example, only this past week, three new attacks came to light.
Malware is increasingly developing an appetite for cryptocurrency mining. One newly discovered strain has tried to infect millions of Windows machines, all in an effort to siphon their computing power and possibly sell it for mining purposes.
Palo Alto Networks released a cloud-based behavioral analytics application as part of its security platform. The new application, named Magnifier, analyzes data sent from next-generation firewalls to Palo Alto Networks Logging Service and uses this data to profile the behavior of users and devices. Magnifier is expected to be generally available in February.
In October 2016, as a botnet strung together by the Mirai malware launched the biggest distributed denial-of-service attack in history, I was, appropriately enough, giving a talk on Internet of Things (IoT) security and privacy at the Grace Hopper Conference.
As the new year draws near, healthcare organizations are thinking about where to focus their resources. Matt Mellen, security architect and healthcare solution lead at Palo Alto Networks, predicts that, in 2018, machine learning capabilities will not only enhance a healthcare organization's cybersecurity program, but improve patient outcomes as well.
DevOps is perhaps the most important innovation in the IT and security sectors since the invention of the personal computer. The philosophy is so foreign, though, compared to what IT and security staffs have traditionally done, that many do not understand the implications. It is tough for them, and their management chains, to fully wrap their heads around the potential impact to their organizations in the future.
The dynamic and automated nature of the cloud brings many benefits to businesses, from easy setup and delivery of services to predictable maintenance costs. With users accessing data and collaborating from anywhere, whether they are in branch offices or working remotely, cloud-based services and applications have completely transformed how business is done.
Palo Alto Networks Canadian country manager Rob Lunney emphasizes that both the opportunities and dangers of the cloud for the channel are greater than ever, and partners need to be proactive in adjusting their business models to the future.
Automated threat response, which we’ll simply refer to as ATR, is the process of automating the action taken on detected cyber incidents, particularly those deemed malicious or anomalous. For each type of incident, there is a predefined action for containment or prevention where newer technologies, such as behavioral analytics and artificial intelligence, are utilized to bring incidents of interest to the surface.
Cloud is transforming many industries, and the automotive industry is no exception. Dharminder Debisarun, product marketing manager, Cloud Security lead, EMEA at Palo Alto Networks talks about why cloud security adoption will disrupt the automotive industry in 2018.
Using fake tickets to distribute malware, criminals can steal data from victims' computers, including passwords and usernames. In the campaign, called "Boleto Mestre", about 261,098 e-mails have already been distributed since June.
The security company Palo Alto Networks issued an alert on Thursday (7) about a scam circulating in Brazil that uses fake tickets. In a criminal campaign monitored by the company, more than 260,000 emails have been sent since June 2017. Whoever falls for the scam and tries to open the tickets ends up with a computer infected with malware that steals information, including passwords.