The BumbleBee web shell allows APT attackers to upload and download files, and move laterally by running commands.

Anne Neuberger, the Biden administration's new cybersecurity official, at a 2019 event.

We spent much of 2020 moving heaven and earth to enable “remote everything” - from work, government and healthcare to education, fitness and entertainment. Shelter-in-place orders and travel restrictions imposed in early 2020 forced enterprises to quickly revamp their IT operations to provide remote access to employees, partners and customers.

A phishing campaign has been attempting to disguise spam as an email chain, using genuine messages taken from email clients on previously compromised hosts.

Newly emerged Egregor group employs "double ransom" techniques to threaten reputational damage and increase pressure to pay.

Many of the industry‘s most ambitious vendors will in 2021 prioritize integrating major acquisitions, executing on new partner programs and initiatives, and expanding their technical capabilities.

While analyzing artifacts from the SolarWinds Orion supply-chain attack, security researchers discovered another backdoor that is likely from a second threat actor.

Some experts believe Russia is behind a massive cyberattack that targeted U.S. government agencies.

Cybersecurity stocks moved higher Friday morning on concerns that the suspected Russian hack could be far worse than feared. Microsoft called it a “moment of reckoning” which requires a “strong and coordinated global cybersecurity response.”

Researchers with Palo Alto Networks' Unit 42 are tracking a relatively new cryptomining botnet called "PGMiner," which is targeting vulnerable PostgreSQL database servers to illegally mine for monero.

The newly discovered Python-based malware family targets the Outlook processes, and browser credentials, of Microsoft Windows victims.

As digital transformation and COVID-19 rapidly shift users, devices, applications, services and data outside of the enterprise data center, here’s a look at 25 vendors capable of securing the Edge of tomorrow.

The 10 cybersecurity products making noise in the market have emphasized workflow automation, downtime minimization and incident remediation to better safeguard endpoints, mobile devices, OT environments and containers.

The recent surge in Egregor ransomware activity inspired Palo Alto’s Unit 42 to create a full visualization of the techniques used by the attack group and the relevant courses of action security teams can take to respond.

Scammers and cybercriminals love the holidays because it gives them more opportunities to steal your data and your money.

Only PostgreSQL databases running on Linux servers have been attacked so far.

Identity and access are intrinsically connected when providing security to cloud platforms.

Capturing the phone's IMSI number and MAC address, the leaked data could have made users trackable, potentially over their lifetimes, says Palo Alto Networks.

The Unit 42 research arm of Palo Alto Networks has published a report detailing how 22 application programming interfaces (APIs) across 16 different Amazon Web Services (AWS) platforms can be abused by cybercriminals to surface the identities of the members of the IT team that created them.

A pair of Baidu applications on the Google Play Store were recently leaking users’ sensitive data that could be used to track users’ location, according to Palo Alto Networks’ Unit 42 research published Tuesday.

Two apps developed by Chinese tech giant Baidu were leaking “sensitive” user data that potentially left millions of users open to surveillance or cybercrime, researchers claimed on Tuesday.

Several apps available on the Google Play Store, including two made by Chinese Internet giant Baidu, leaked information about the phone's hardware and location without the user's knowledge, research finds.

Two of the most popular Chinese apps on the Google Play Store are leaking sensitive user information that could be used to track users for years, even after they’ve switched phones.

Palo Alto's 5G security approach includes containerization and secure network slices, as well as real-time correlation of threats against users and devices.

Realizing the increase in use of 5G will only increase the number of cyberattacks, Palo Alto introduces a service that focuses on securing 5G networks and devices.

Palo Alto Networks today introduced the industry’s first 5G-native security offering, bringing its expertise in securing networks, clouds and devices to the 5G world. This new offering enables service providers and enterprises to turn 5G networks into highly secure networks.

‘Service providers are super, super eager for 5G. But enterprises won’t use 5G unless they have confidence in the security,’ says Palo Alto Networks SVP and GM Anand Oswal.

Attackers can conduct identity reconnaissance against an organization at leisure without being detected, Palo Alto Networks says.

Knowing exactly who manages a certain cloud service can be valuable information for malicious hackers, and a cybersecurity company says it has found that kind of weakness in products run by one of the biggest cloud providers.

Shares in Palo Alto Networks Inc. hit a record high today after the company beat first-quarter earnings estimates.