Displaying 1 to 30 of 198

Cybersecurity in 2017: Automation, Adversaries and Orchestration

Threat intelligence sharing among vendor and industry peers has come a long way, and in 2017 there will be more opportunities than ever to demonstrate its value, especially as conversations around sharing intelligence between the public and private sectors continue.

Spotting a Spoofed Email in Healthcare

Over the past year, healthcare organizations of all sizes have been impacted by cyberattacks. Most of them involve malware of one sort or another. As a former security operations lead at a hospital network in the San Francisco Bay Area, I learned what my research at Palo Alto Networks has confirmed: by far, the most common way for malware to make its way into healthcare networks is by spoofed emails.

2017 Cybersecurity Predictions: The Price of Ransomware continues to increase in Asia-Pacific

2016 was a challenging year for organisations particularly as cyber adversaries achieved high-profile success, mainly with ransomware. Organisations in Asia-Pacific are no exception. The year also taught a valuable lesson that no industry vertical is safe; if there is a hole in your security, a determined adversary will find it.

Sofacy APT doubles down on its 'DealersChoice' Flash exploit campaign

Russian advanced persistent threat group Sofacy has upped the ante in its campaign to compromise organizations with its “DealersChoice” Flash Player exploit tool, even after Adobe patched a zero-day Flash vulnerability that the tool was observed exploiting.

How to maintain security while employees are out of the office for the holidays

The downtime created by the holiday season is a fan favorite for enterprise employees and hackers alike. As workers are enjoying time away from the office for vacations or working remotely, hackers are viewing this slow down as an optimal time to attack corporate systems. To avoid having your organization turn into this holiday’s victim, security professionals provide tips for IT managers to protect corporate data, as well as share recommendations for using the slower cycles to test security systems.

What Lies Ahead for Cybersecurity in 2017?

Russian advanced persistent threat group Sofacy has upped the ante in its campaign to compromise organizations with its “DealersChoice” Flash Player exploit tool, even after Adobe patched a zero-day Flash vulnerability that the tool was observed exploiting.

PluginPhantom trojan exploits Android plugins to snoop

Researchers at Palo Alto Networks' Unit 42 threat intelligence team spotted a new Google Android trojan named “PluginPhantom” which is capable of leveraging Android's DroidPlugin technology to steal user information.

"PluginPhantom" Android Trojan Uses Plugins to Evade Detection

A recently discovered Android Trojan dubbed “PluginPhantom” abuses a legitimate plugin framework to update itself and evade static detection, Palo Alto Networks reported on Wednesday.

Palo Alto Networks reinforces the need to reassess information security posture

Arthur Capella, the company's country manager, says that the frequency of cyberattacks on the sector means protection models need to be reviewed at every point in the value chain.

It's time to adopt a new definition of the word “prevention”

In discussions about cybersecurity, one of the most frequently used words is “prevention,” and one of the most frequent questions is how to prevent cyberattacks before they are executed and succeed. This is an important question that security teams have to deal with daily.

What Could The Next Ransomware Note Say? Let’s Learn from 2016

While ransomware threats are mostly an unknown entity to everyday consumers and Internet users, the widespread havoc these types of attacks have waged on healthcare organizations during 2016 started hitting a little too close to home. Ryan Olson weighs in on the maturation and business model of ransomware.

Do You Need a Threat Intelligence Team?

I have the great opportunity to spend time with CSOs and IT executives to understand their cybersecurity concerns and help them map out a strategy for success. An increasingly common question I’ve been hearing is, “Does my organization need a threat intelligence team?” Adding threat intelligence capabilities to your organization can be valuable, with their ability to hunt for advanced attacks; profile never-before-seen malware, campaigns or adversaries; and really think like an attacker.

In 2017, ransomware and SaaS challenges will persist in healthcare

2016 was the year of ransomware in cybersecurity, and it was especially impactful in healthcare. For this post, I’ve laid out a few predictions about the type of threats that the healthcare industry will face in 2017. Also, I’ve organized my predictions into “Sure Things” (predictions that are almost guaranteed to happen) and “Long Shots” (predictions that are less likely to happen) in cybersecurity in 2017.

Data integrity, the next big threat

Imagine in a 2016 remake of the classic film Gaslight, a young security professional is driven to the brink of insanity – and impending disaster – by a cyber schemer who unbeknownst to IT security has over time moved around and corrupted bits of data, manipulating, let's say, the design of a jumbo jetliner or perhaps the composition of a vaccine, to execute an unspeakable attack.

5 Things That Shape The Security Solution Provider Of The Future

One thing is clear about security: it is changing perhaps faster than any other industry. For partners, that means there's a need for a new business model when it comes to security, Palo Alto Networks Senior Vice President of Worldwide Channels Ron Myers said.

What the next president needs to do on cyber

With Election Day upon us, we are getting closer to ushering in a new administration in the White House. Significant progress on cybersecurity policy has been made in the past decade in both Republican- and Democrat-led administrations, and we look forward to the incoming administration making further strides in the next four years. Federal CSO John Davis provides recommendations for the next administration in Federal Computer Week.

Nigerian Scammers: Then and Now

The image that the expression “Nigerian scammer” conjures up in most people’s heads is still that of the confidence man behind the keyboard, convincing victims that they have the opportunity to get a hefty sum of money if they only send some first, or pretending to be a man or woman in love with the victim and needing money to get out of some difficulty or another.

Cybersecurity and Election Time: How to Avoid Being a Victim

The 2016 U.S. presidential election is a global phenomenon, but candidates aren’t the only ones vying to connect with the people. Behind the scenes, stealthy cybercriminals are immersing themselves in the political banter, gathering information and intel to drive their own agendas. What exactly motivates a cyber attacker to take advantage of elections?

Palo Alto Networks CEO: When And Why SMBs Buy Security Platform Offerings

Buying triggers for security customers can range from seeing a hack in headlines to word-of-mouth recommendations, but Palo Alto Networks CEO Mark McLaughlin said in the security platform business, it’s often detection alerts from a company’s own systems. “The biggest [buying trigger] is the overwhelming number of just detection alerts that are happening,” said McLaughlin. “This would be true in a very large enterprise, but it would probably be even more painful in smaller businesses.”

Nigerian Prince scammers now a 'formidable threat'

According to a research report and accompanying blog post by Palo Alto Networks' Unit 42 threat research team, the Nigerian cybercriminals traditionally known for their 419 advance-fee scams have evolved from silly spray-and-pray email spam campaigns to more refined con games that target large business organizations with malware and fetch princely sums totaling millions of dollars.

Meeting in São Paulo discusses alternatives for improving digital security

Daniel Bortolazo, Palo Alto Networks System Engineer Manager in Brazil, was featured on TV Brasil for a story about cyberattacks and ways to improve digital security during Security Leaders. The feature also covers a game from RSA that simulates an attack on local data from Level 3 and cites Palo Alto Networks as a source reinforcing the importance of prevention.

7 Scary Ransomware Families

As a cautionary tale for the season, here are seven of the scariest ransomware variants. This list is based on a consensus drawn from interviews with Trend Micro's Cabrera; Chris Day, CISO of Invincea; and Bryan Lee, threat intel analyst for Unit 42 at Palo Alto Networks.

Palo Alto Networks CEO: Platform Security Is The Future, But Not Every Vendor Will Succeed

The age of the point solution is over, and a new era of platform security players has emerged to change the way companies protect themselves from cyber threats, Palo Alto Networks CEO Mark McLaughlin said. However, not every security company that claims to have a platform will succeed, McLaughlin said Tuesday morning in an on-stage interview with The Channel Company CEO Robert Faletra at the 2016 Best of Breed Conference in Atlanta.

Breaking down cybersecurity communication barriers

Those who’ve seen the 1967 film Cool Hand Luke will undoubtedly remember this famous line from the prison warden (played by Strother Martin) directed at the stubborn criminal named Luke (played by Paul Newman): “What we’ve got here is a failure to communicate.”

Palo Alto Networks CEO: Lack Of Trust In Technology Could Crush The Global Economy

Palo Alto Networks CEO Mark McLaughlin said there is a real possibility that technology adoption could decline due to increased mistrust in the security of new technologies. “There was a study done not too long ago by a U.S. government agency that looked at usage of some digital technology, and interestingly, it said it’s declining. Why? Because people don’t trust it,” McLaughlin said at the IT Best of Breed conference in Atlanta.

Managing Security Complexity: Automatic Orchestration through a Security Platform

The prevailing approach to cybersecurity, which is focused on detection and remediation, has proven inadequate to dealing sufficiently with the rise in volume and sophistication of attacks organizations must now defend against. To keep pace with attackers, security teams routinely deploy 10-15 point products in their environments from different vendors in an attempt to institute security controls at each step in the lifecycle that an attacker must complete in order to successfully exfiltrate data.

Sofacy's Flash Player Exploit Platform Exposed

Using weaponized Word documents as attachments to phishing emails is not a new attack method, but Palo Alto Networks researchers have discovered an interesting variation: an RTF document with an embedded OLE Word document containing embedded Flash exploits. The purpose is to disguise the attack in layers of obfuscation. Unit 42, the research team of Palo Alto Networks, recently discovered two variations of this attack, which it has named DealersChoice.A and DealersChoice.B.

Russian APT's DealersChoice exploit tool is a raw deal for Flash users

Russian advanced persistent threat group Sofacy has another ace up its sleeve: a Flash Player exploit tool, dubbed DealersChoice, that in some ways resembles a Russian nesting doll. Discovered by Palo Alto Networks' Unit 42 threat research team, the tool generates RTF documents that contain embedded OLE Word documents that in turn contain embedded, malicious Adobe Flash (.SWF) files, whose contents are designed to abuse flaws in Flash software.

Expired domains present an opportunity for malicious activity

Experts said expired domains are often purchased with the intent of advertising, but researchers noted these domains and abandoned SDKs present an opportunity for threat actors to target mobile users. Zhi Xu and Tongbo Luo, researchers for Palo Alto Networks, described the risks during a talk at the Virus Bulletin International Conference in Denver. According to Xu and Luo, many third-party app software development kits (SDKs) have been abandoned, but the apps are still available to users. These apps will attempt to contact command and control (C&C) servers at expired domains, which could be repurposed for malicious activity.

Oil 'slick': Sneaky OilRig malware campaign flows into new territory

A backdoor malware campaign dubbed OilRig that in May was discovered targeting organizations in Saudi Arabia is now trying to drill into government entities in Turkey, Israel and the U.S., as well as Qatari companies and organizations. Palo Alto Networks Unit 42 threat research team updated the campaign's latest spear phishing efforts in a blog post, warning that the campaign has updated its “Helminth” backdoor software as well as the malicious Excel documents that distribute the malware via macros.
