Displaying 1 to 30 of 53

Securing the Government Cloud

Cloud service deployments at the federal, state and city levels that benefit from the cloud's operational and cost efficiencies have been unprecedented. The federal government launched its Federal Risk and Authorization Management Program, or FedRAMP, to certify a consistent way for cloud service providers to offer security assessment, authorizations and continuous monitoring to government organizations. State and city governments rely on third-party contractors to assess cloud providers for them.


Credential Theft: The Key to Shamoon 2 Data Destruction

The problem of stolen credentials is a well-known threat in the security industry. But knowing something is a problem and understanding its full scope are two different things. The Shamoon 2 attacks targeting critical organizations across Saudi Arabia should serve as a clear demonstration of how significant the problem of credential theft is and how taking steps to prevent it can yield truly significant, tangible results in protecting against attacks.


IoT Botnet "Amnesia" Hijacks DVRs via Unpatched Flaw

A new Linux/IoT botnet named “Amnesia” has been targeting digital video recorders (DVRs) by exploiting an unpatched remote code execution vulnerability disclosed more than one year ago. The threat, believed to be a variant of the Tsunami botnet, has been analyzed in detail by researchers at Palo Alto Networks. The botnet targets embedded systems, particularly DVRs made by China-based TVT Digital, which are sold under more than 70 brands worldwide.


Introducing the Cybersecurity Canon

For those that want more, there’s the Cybersecurity Canon project, of which I’m a member. Canon members include industry experts such as Christina Ayiotis, co-chair of the Georgetown Cybersecurity Law Institute, Dawn-Marie Hutchinson of Optiv, Brian Kelly, CISO at Quinnipiac University, and more.


Open-source developers targeted in sophisticated malware attack

For the past few months, developers who publish their code on GitHub have been targeted in an attack campaign that uses a little-known but potent cyberespionage malware. The attacks started in January and consisted of malicious emails specifically crafted to attract the attention of developers, such as requests for help with development projects and offers of payment for custom programming jobs.


This Stealthy Malware Remained Unnoticed for Three Years

Stealthy command and control methods allowed a newly discovered malware family to fly under the radar for more than three years, Palo Alto Networks security researchers reveal. Dubbed Dimnie, the threat was discovered in mid-January 2017, when it was targeting open-source developers via phishing emails.


Someone is putting lots of work into hacking GitHub developers

Open source developers who use GitHub are in the cross-hairs of advanced malware that can steal passwords, download sensitive files, take screenshots, and self-destruct when necessary.


Why Healthcare Network Security is a Critical Provider Tool

Covered entities are quickly implementing more technology into daily operations, which could potentially open the door for cyber criminals or even unauthorized insider access. Healthcare network security measures must be current and comprehensive, ensuring that patient data does not fall into the wrong hands.


As Malware Gets Smarter, Bare Metal Analysis Can Keep You Secure

They say a rising tide lifts all boats; unfortunately, the proverb applies to cybercriminals, too. While the inexpensive availability of compute processing power and broadband connectivity has made technologies like virtualization and cloud computing possible, that same ready access makes it possible for even a novice cybercriminal to leverage some of the most advanced malware available today.


Android adware abusing plugin frameworks to promote potentially malicious apps

Android adware has embraced an innovative way to promote potentially malicious apps: abuse Android plugin frameworks. App promotion isn't anything new on the Android platform. In the past, we've seen adware install paid applications once they've landed on a device. But to the chagrin of these less-than-honest developers, anti-malware technology can block these efforts.


Two-factor authentication, one-time passwords key to prevent credential theft: Report

Another vendor has joined the crowd of voices urging infosec pros to enable two-factor or multi-factor authentication where they can to better secure IT systems. Effective prevention of credential theft should focus on four strategies: having more than one factor of authentication, one-time passwords, password managers and employee training, according to a discussion paper released Tuesday by the Unit 42 intelligence division of Palo Alto Networks.


The CyberWire Daily Podcast for 03.17.17

Palo Alto Networks' Rick Howard describes a capture-the-flag collaboration.


New cloud-based keylogger gaining momentum among criminals

A new cloud-based keylogger malware family is slowly but surely gaining momentum among criminals on underground web marketplaces. The malware, dubbed "NexusLogger", appears to have first arrived on the keylogging scene at the beginning of 2017.


Protecting the enterprise against mobile threats

Mobile devices have transformed the digital enterprise, allowing employees to access the information they need to be most productive from virtually anywhere. Has that convenience come at a cost to enterprise security, though?


RanRan Ransomware being used as a political tool

Palo Alto's Unit 42 research group has observed a new ransomware campaign that attempts to extort Middle Eastern organizations into posting political statements instead of making a monetary payment.


Palo Alto Networks & Next-Gen Security Innovators

Sometimes Wall Street investors and channel partners don’t exactly see eye to eye. Such is the case in recent days. Indeed, Wall Street wants even faster growth from Palo Alto Networks. But channel partners seem pretty darn pleased with the company’s next-generation security strategy.


Case Study: Community Hospital Tackles Secure Access

Implementing robust access controls in healthcare settings can be particularly challenging for several reasons. But Fisher-Titus Medical Center is making progress in strengthening its authentication and other security controls, says Peter Jacob, the community hospital's manager of IT operations and infrastructure.


What's Next in Cybersecurity? Ripped From the RSA Conference Floor

The security industry wrapped up what has arguably become the most significant trade show in the security industry: RSA Conference. While it’s always interesting to see what challenges hold the industry’s attention and how vendors plan to address them, I find the most useful information comes from informal conversations with customers and industry colleagues as opposed to official booth presentations.


A phishing campaign about nothing

A new phishing campaign takes a Jerry Seinfeld-like approach to its scam by making the email about nothing: the email body contains no text, just an attachment. The campaign is also abusing web hosting providers at a prodigious rate.


132 Google Play apps found containing malicious iframes

Researchers with Palo Alto Networks today reported finding 132 Android apps on Google Play whose HTML code was injected with hidden, malicious iframes, likely due to malware infecting a development platform used by the apps' creators. The apps, which were spawned by seven different developers, mostly contained carefully concealed HTML-based iframe tags that connected to two heavily obfuscated malicious domains.


Old Windows malware may have tampered with 132 Android apps

More than 130 Android apps on the Google Play store have been found to contain malicious coding, possibly because the developers were using infected computers, according to security researchers. The 132 apps were found generating hidden iframes, or an HTML document embedded inside a webpage, linking to two domains that have hosted malware, according to security firm Palo Alto Networks.


132 Google Play apps tried to infect Android users with…Windows malware

It's a mystery that left researchers scratching their heads: 132 Android apps in the official Google Play market attempted to infect users with... Windows malware. The apps, which were spawned by seven different developers, mostly contained carefully concealed HTML-based iframe tags that connected to two heavily obfuscated malicious domains.


"Gamaredon" Group Uses Custom Malware in Ukraine Attacks

The group has been active since at least mid-2013, but its activities were first detailed in April 2015 by LookingGlass. The security firm’s analysis focused on Operation Armageddon, a cyber espionage campaign targeting Ukrainian government, military and law enforcement officials.


Four Cybersecurity Resolutions for 2017

2016 was a big year for cybersecurity news, most of it not terribly encouraging. Still, the year did present the cybersecurity industry with several teachable moments that I believe all security professionals should heed as we move into a new year.


Integration drives intelligence and innovation in cybersecurity

Palo Alto Networks C-level executives say at RSA Conference that security strategies need to be grounded in visibility, and point to technology integration as the best ally in the fight against cybercrime.


4 reasons to prioritize cloud security this year

A tremendous amount of healthcare data will be moved to the Amazon Web Services and Microsoft Azure clouds for either private or public use in 2017. It makes sense, because hospital leaders are of the mindset that they prefer to be in the business of treating patients, rather than managing data centers.


Security platforms to disrupt industry, predicts Palo Alto Networks

Security platforms with open application programming interfaces (APIs) are set to turn the business model for information security on its head, according to Mark McLaughlin, president and CEO of Palo Alto Networks.


What to Know Before Choosing a Malware Analysis Environment

Even the most advanced malware analysis environment could potentially be circumvented by a sufficiently advanced attacker. From a technology perspective, it has never been a better time to be in the cyberattack business. Thanks to the common availability of attack tools in the underground marketplace, today’s adversaries don’t require the technical know-how to develop malware.
