At least two cybersecurity firms have noticed that the notorious Lazarus threat group, which many experts have linked to North Korea, has been using a new piece of Android malware to target smartphone users in South Korea.
Long-lasting targeted attacks aimed at entities in the Middle East are difficult to attribute despite being analyzed by several researchers, Palo Alto Networks said this week.
Dubbed “MuddyWater” by the security firm because of the high level of confusion they have already created, the attacks took place between February and October 2017. The campaign has made use of a variety of malicious documents, and hit targets in Saudi Arabia, Iraq, Israel, United Arab Emirates, Georgia, India, Pakistan, Turkey, and the United States to date
You don't have to be a rocket scientist to fill jobs. But it takes one to figure out how the world will fill its 3.5 million cybersecurity jobs that are predicted to be open by 2021.
Sylvia Acevedo, a former rocket scientist for the NASA Jet Propulsion Laboratory in Pasadena, California — and now president of Girl Scouts of the United States of America, has partnered with Palo Alto Networks on a stroke of genius: training young girls on cybersecurity.
Veteran job seekers are more likely than non-veterans to be underemployed, despite the fact that the majority of employers report that veterans perform "better than" or "much better than" non-veterans, according to a survey released this week by ZipRecruiter and the Call of Duty Endowment. Meanwhile, there's a severe shortage of skilled U.S. workers needed for open technology jobs, particularly in the cybersecurity field.
Most people are aware of the potential threats looming online but a new trend called cryptojacking can steal a user’s computing power and use it to mine profitable cryptocurrencies for attackers. Unlike other attacks like adware that bombards a user with advertisements that can redirect them to spam-filled websites or malware that requires the user to download and install a piece of software, cryptojacking is relatively unintrusive and generally less harmful than other attacks—though that doesn’t make the intentions less malicious.
Increasingly, companies are connecting thousands of devices to the internet. From smart TVs to conference rooms to thermostats. Most of these devices have been built specifically to perform a single function, regardless of the safety factor. While this flow of technology is critical to the evolution of our digital age, it also presents a new layer of risk to organizations.
Board members pose a unique risk for business, but proper planning helps.
Within any organization, certain employees have access to information that could tip the scales of risk for the business. If a cybercriminal were to gain access to a company's most sensitive information through stealing credentials from one of these employees, the business could face serious financial and reputational repercussions.
When it comes to the public cloud, Palo Alto Networks said it is doubling down with partners.
The Santa Clara, Calif.-based security vendor has launched the pilot for a new Public Cloud Specialization, as part of its NextWave Partner Program.
In a digital threat landscape where businesses are constantly playing catch-up with new attack vectors and vulnerabilities, the best defense they have is the same thing that makes them such an appealing target for hackers: a mountain of data.
Cybersecurity Awareness Month is, once again, upon us. At its core is an issue that can have a massive impact on organizations in every industry, public and private, large and small: successful cyberattacks and how to prevent them from happening in the first place.
The booming price of Bitcoin and other crypto-coins has kicked off a gold rush among malicious hackers keen to cash in, warn security firms. Many sites are now harbouring code that secretly uses a visitors' computer to mine the valuable e-cash coins. Palo Alto Networks said it had found Coin-Hive on almost 150 separate domains. The most popular locations for the code were porn, video and file-sharing sites.
It’s commonly accepted that your users are the weakest link in your security chain. That is actually not true in a lot of cases, though. The reality is that your true Achilles heel is probably your board of directors. Rick Howard, chief security officer of Palo Alto Networks, pointed out that board members, on the other hand, are not employees and generally operate completely outside the scope and protection of your information security tools and policies—using personal computers and mobile devices.
Whether it's ransomware or a data breach, it feels like every day we read about a new cyberattack that leaves our organizations - or us, as individuals - at risk for cybertheft. Understanding the threat landscape is critical to prevent cyberattacks, and regardless of your title within the organization, understanding more of that landscape contributes to the well-being of the organization. October is National Cyber Security Awareness Month, so I sat down with Rick Howard, CSO at Palo Alto Networks to talk about the top five cybersecurity books that he recommends every CIO read to learn more about the cyberthreat playing field.
A group of hackers is using a sophisticated technique of hijacking ongoing email conversations to insert malicious documents that appear to be coming from a legitimate source and infect other targets participating in the same conversational thread.
A newly identified spearphishing campaign targeting banks, companies and individuals across Eurasia wielded particularly effective tactics and malware, according to new research published by the cybersecurity firm Palo Alto Networks.
A persistent wave of headlines about data breaches and cyberattacks reinforces that cybersecurity remains fundamental to the future of our digital age and preservation of the economic and societal benefits that the internet provides. While new technology innovations continue to bring tremendous benefits to business productivity and our way of life, our increasing digital dependence is also broadening the cyberthreat landscape and creating more risk for enterprises and consumers alike.
An analysis of a recently discovered webshell used to harvest credentials from an unnamed Middle Eastern organization has unearthed a complex malicious infrastructure that appears to be targeting Israeli institutions and may possibly be linked to the Iranian APT group OilRig, according to researchers.
VICE News asked women who work in tech how they’d fix the industry’s gender gap, and they pointed to three main areas for improvement: hiring, education, and retention. We spoke to women at various stages of their careers to find out which of these areas needs the biggest push.
DevOps is the most important innovation to the IT sector since the invention of the personal computer. Nearly everyone I have talked to in my travels, these past few years, says they are building their own DevOps shop.
Telefónica, working with Palo Alto Networks, has launched a software service that provides a cloud-based security layer over customers’ Internet access.
The Spain-based service provider natively embedded the new service, Clean Pipes 2.0, into its platforms. It is available now to Telefónica Business Solutions’ multinational customers.
John Davis has seen cyberthreats from both the public and private sector. Currently serving as the Vice President and Federal Chief Security Officer at cybersecurity firm Palo Alto Networks, Davis is responsible for expanding cybersecurity initiatives and improving policy for organizations and governments around the world.
Each day, businesses are connecting thousands of devices to the internet. From conference room smart TVs to thermostats, most of these devices were purpose-built to perform a single function without security in mind. While this influx of technology is instrumental to the evolution of our digital age, it also presents a new layer of risk to organizations. With Gartner projecting the number of connected devices to reach 20 billion by 2020, even a small percentage of infected devices could present a major security threat to broader systems and networks.
Researchers at Unit 42, the Palo Alto Networks team, have found a vulnerability in all versions of the Android operating system prior to the recent release, version 8.0 Oreo - that is, virtually all Android smartphones sold in Brazil. Through it, criminals can offer applications that create fake screens on smartphones. These screens overlap the true screen and thus conceal malicious action.
The vast majority of Android devices are at risk of a 'Toast' overlay attack that builds on Cloak and Dagger exploits. The bug could lead to remote control of the device unless Google's latest security patch is applied.
Security company Palo Alto Networks issued an alert on Thursday that company experts have found a vulnerability in Android that allows applications to create fake screens that overlap the original screen to deceive the owner of the phone. The attack circumvents two protections existing in Android to prevent this type of fraud.