Displaying 1 to 30 of 69

The CyberWire Daily Podcast for 05.19.17

Palo Alto Networks' Rick Howard discusses research on Shamoon, adversary playbooks, and credential theft.


How CISOs can answer difficult questions from CEOs

The CEO puts all the trust in the chief security officer to keep the company off the front page and out of danger. But as the number of attacks across the internet skyrockets, that trust has slowly eroded or at the very least is increasingly questioned.


President Trump signs cybersecurity executive order

President Trump signed a long-awaited executive order on Thursday designed to improve the nation's cybersecurity.


Nemucod delivering credential-stealing trojan, Palo Alto

Researchers at Palo Alto Networks have spent the past five months examining a malware campaign that uses the Nemucod downloader to ultimately deliver a trojan that siphons out credentials, according to a post on the company blog.


Women in cybersecurity need to take more risks

Rinki Sethi, director of information security at Palo Alto Networks, needed to bring a lot of confidence and skills to the gates of cybersecurity when she began her career.


Malware Analysis Done Right

The reality facing the cybersecurity industry today is as soon as network defenders develop a new way to spot malware, cyberadversaries are quick to find a way to circumvent it. With the number of cyberattackers growing every day, the time elapsed between deploying a protection and a bad actor finding a way around it grows ever shorter.


The CyberWire Daily Podcast for 05.04.17

Rick Howard from Palo Alto Networks previews the Cyber Canon awards ceremony.


Credential theft is the oxygen that fuels successful attacks

Passwords are the classic necessities of the virtual environment and, when combined with usernames, form credentials. Almost every online activity requires creating credentials, whether for e-mail accounts, bank accounts, access to corporate networks, social networks, games, streaming services, or any online registration.


Malware for video devices is able to erase data

Researchers at Unit 42, the research unit of Palo Alto Networks, have identified a new IoT malware called Amnesia. The malware is a variant of the Tsunami botnet and targets remote code execution vulnerabilities present in DVR (digital video recorder) devices made by about 70 companies worldwide.


Palo Alto Networks Identifies Malware for IoT

Researchers at Palo Alto Networks' Unit 42 have identified a new IoT malware called Amnesia, which is a variant of the Tsunami botnet.


The CyberWire Daily Podcast for 04.27.17

Palo Alto Networks' Rick Howard outlines a new white paper on credential theft.


Cardinal RAT Remained Hidden for Two Years

A recently discovered remote access Trojan (RAT) that abuses Excel macros in an innovative way has been active for more than two years, Palo Alto Networks security researchers reveal. Dubbed Cardinal RAT, the malware had a very low volume over the two-year timeframe, with only 27 total samples found to date.


Cardinal RAT reigns under the radar two years

Palo Alto Networks researchers spotted a previously unknown remote access trojan (RAT) dubbed the Cardinal RAT which uses a unique technique involving malicious Excel macros.


The CyberWire Daily Podcast for 04.17.17

Rick Howard from Palo Alto Networks ponders the first principle of automotive security.


Securing the Government Cloud

Cloud service deployments at the federal, state and city levels that benefit from the cloud's operational and cost efficiencies have been unprecedented. The federal government launched its Federal Risk and Authorization Management Program, or FedRAMP, to certify a consistent way for cloud service providers to offer security assessment, authorizations and continuous monitoring to government organizations. State and city governments rely on third-party contractors to assess cloud providers for them.


Credential Theft: The Key to Shamoon 2 Data Destruction

The problem of stolen credentials is a well-known threat in the security industry. But knowing something is a problem and understanding the full scope are two different things. The Shamoon 2 attacks targeting critical organizations across Saudi Arabia should serve as a clear demonstration about how significant the problem of credential theft is and how taking steps to prevent it can yield truly significant, tangible results in protecting against attacks.


Malware for IoT begins to show destructive behavior

Hackers have begun adding data-wiping routines to malware designed to infect embedded and Internet of Things (IoT) devices. Two recently observed attacks show this behavior, but probably for different purposes.


IoT Botnet "Amnesia" Hijacks DVRs via Unpatched Flaw

A new Linux/IoT botnet named “Amnesia” has been targeting digital video recorders (DVRs) by exploiting an unpatched remote code execution vulnerability disclosed more than one year ago. The threat, believed to be a variant of the Tsunami botnet, has been analyzed in detail by researchers at Palo Alto Networks. The botnet targets embedded systems, particularly DVRs made by China-based TVT Digital, which are sold under more than 70 brands worldwide.


The CyberWire Daily Podcast for 04.06.17

Palo Alto Networks' Rick Howard describes the cloud paradigm shift.


Introducing the Cybersecurity Canon

For those that want more, there’s the Cybersecurity Canon project, of which I’m a member. Canon members include industry experts such as Christina Ayiotis, co-chair of the Georgetown Cybersecurity Law Institute, Dawn-Marie Hutchinson of Optiv, Brian Kelly, CISO at Quinnipiac University, and more.


Open-source developers targeted in sophisticated malware attack

For the past few months, developers who publish their code on GitHub have been targeted in an attack campaign that uses a little-known but potent cyberespionage malware. The attacks started in January and consisted of malicious emails specifically crafted to attract the attention of developers, such as requests for help with development projects and offers of payment for custom programming jobs.


Someone is putting lots of work into hacking Github developers

Open source developers who use Github are in the cross-hairs of advanced malware that can steal passwords, download sensitive files, take screenshots, and self-destruct when necessary.


This Stealthy Malware Remained Unnoticed for Three Years

Stealthy command and control methods allowed a newly discovered malware family to fly under the radar for more than three years, Palo Alto Networks security researchers reveal. Dubbed Dimnie, the threat was discovered in mid-January 2017, when it was targeting open-source developers via phishing emails.


Why Healthcare Network Security is a Critical Provider Tool

Covered entities are quickly implementing more technology into daily operations, which could potentially open the door for cyber criminals or even unauthorized insider access. Healthcare network security measures must be current and comprehensive, ensuring that patient data does not fall into the wrong hands.


As Malware Gets Smarter, Bare Metal Analysis Can Keep You Secure

They say a rising tide lifts all boats; unfortunately, the proverb applies to cybercriminals, too. While the inexpensive availability of compute processing power and broadband connectivity has made technologies like virtualization and cloud computing possible, that same ready access makes it possible for even a novice cybercriminal to leverage some of the most advanced malware available today.


Android adware abusing plugin frameworks to promote potentially malicious apps

Android adware has embraced an innovative way to promote potentially malicious apps: abuse Android plugin frameworks. App promotion isn't anything new on the Android platform. In the past, we've seen adware install paid applications once they've landed on a device. But to the chagrin of these less-than-honest developers, anti-malware technology can block these efforts.


Two-factor authentication, one-time passwords key to prevent credential theft: Report

Another vendor has joined the crowd of voices urging infosec pros to enable two-factor or multi-factor authentication where they can to better secure IT systems. Effective prevention of credential theft should focus on four strategies: having more than one factor of authentication, one-time passwords, password managers and employee training, according to a discussion paper released Tuesday by the Unit 42 intelligence division of Palo Alto Networks.


The CyberWire Daily Podcast for 03.17.17

Palo Alto Networks' Rick Howard describes a capture-the-flag collaboration.
