By Year

By Type

  • In The News (1220)

By Topic

  • Cybersecurity (85)

By Product Category

By Services

By Technologies

By Industry

By Audience

  • Business (1231)

By Language

Displaying 31 to 60 of 1471

Securing the Government Cloud

Cloud service deployments at the federal, state and city levels that benefit from the cloud's operational and cost efficiencies have been unprecedented. The federal government launched its Federal Risk and Authorization Management Program, or FedRAMP, to certify a consistent way for cloud service providers to offer security assessment, authorizations and continuous monitoring to government organizations. State and city governments rely on third-party contractors to assess cloud providers for them.

  • 0
  • 567

The CyberWire Daily Podcast for 04.17.17

Rick Howard from Palo Alto Networks ponders the first principle of automotive security.

  • 0
  • 315

Credential Theft: The Key to Shamoon 2 Data Destruction

The problem of stolen credentials is a well-known threat in the security industry. But knowing something is a problem and understanding the full scope are two different things. The Shamoon 2 attacks targeting critical organizations across Saudi Arabia should serve as a clear demonstration about how significant the problem of credential theft is and how taking steps to prevent it can yield truly significant, tangible results in protecting against attacks.

  • 0
  • 591

Malware for IoT begins to show destructive behavior

Hackers começaram a adicionar rotinas de limpeza de dados em malwares que são feitos para infectar aparelhos embutidos e de Internet das Coisas (IoT). Dois ataques observados recentemente mostram esse comportamento, mas provavelmente para objetivos diferentes.

  • 0
  • 305

IoT Botnet "Amnesia" Hijacks DVRs via Unpatched Flaw

A new Linux/IoT botnet named “Amnesia” has been targeting digital video recorders (DVRs) by exploiting an unpatched remote code execution vulnerability disclosed more than one year ago. The threat, believed to be a variant of the Tsunami botnet, has been analyzed in detail by researchers at Palo Alto Networks. The botnet targets embedded systems, particularly DVRs made by China-based TVT Digital, which are sold under more than 70 brands worldwide.

  • 0
  • 647

The CyberWire Daily Podcast for 04.06.17

Palo Alto Networks Rick Howard describes the cloud paradigm shift.

  • 0
  • 314

Introducing the Cybesecurity Canon

For those that want more, there’s the Cybersecurity Canon project, of which I’m a member. Canon members include industry experts such as Christina Ayiotis, co-chair of the Georgetown Cybersecurity Law Institute, Dawn-Marie Hutchinson of Optiv, Brian Kelly CISO at Quinnipiac University and more.

  • 0
  • 626

Open-source developers targeted in sophisticated malware attack

For the past few months, developers who publish their code on GitHub have been targeted in an attack campaign that uses a little-known but potent cyberespionage malware. The attacks started in January and consisted of malicious emails specifically crafted to attract the attention of developers, such as requests for help with development projects and offers of payment for custom programming jobs.

  • 0
  • 657

Someone is putting lots of work into hacking Github developers

Open source developers who use Github are in the cross-hairs of advanced malware that can steal passwords, download sensitive files, take screenshots, and self-destruct when necessary.

  • 0
  • 780

This Stealthy Malware Remained Unnoticed for Three Years

Stealthy command and control methods allowed a newly discovered malware family to fly under the radar for more than three years, Palo Alto Networks security researchers reveal. Dubbed Dimnie, the threat was discovered in mid-January 2017, when it was targeting open-source developers via phishing emails.

  • 0
  • 659

Why Healthcare Network Security is a Critical Provider Tool

Covered entities are quickly implementing more technology into daily operations, which could potentially open the door for cyber criminals or even unauthorized insider access. Healthcare network security measures must be current and comprehensive, ensuring that patient data does not fall into the wrong hands.

  • 0
  • 752

As Malware Gets Smarter, Bare Metal Analysis Can Keep You Secure

Android adware has embraced an innovative way to promote potentially malicious apps: abuse Android plugin frameworks. They say a rising tide lifts all boats; unfortunately, the proverb applies to cybercriminals, too. While the inexpensive availability of compute processing power and broadband connectivity has made technologies like virtualization and cloud computing possible, that same ready access makes it possible for even a novice cybercriminal to leverage some of the most advanced malware available today.

  • 0
  • 675

Android adware abusing plugin frameworks to promote potentially malicious apps

Android adware has embraced an innovative way to promote potentially malicious apps: abuse Android plugin frameworks. App promotion isn't anything new on the Android platform. In the past, we've seen adware install paid applications once they've landed on an device. But to the chagrin of these less-than-honest developers, anti-malware technology can block these efforts.

  • 0
  • 661

Two-factor authentication, one-time passwords key to prevent credential theft: Report

Another vendor has joined the crowd of voices urging infosec pros to enable two-factor or multi-factor authentication where they can to better secure IT systems. Effective prevention of credential theft should focus on four strategies: Having more than one factor of authentication, one-time passwords, password managers and employee training, a discussion paper released Tuesday by the Unit 42 intelligence division of Palo Alto Networks.

  • 0
  • 682

The CyberWire Daily Podcast for 03.17.17

Palo Alto Networks Rick Howard describes a capture-the-flag collaboration.

  • 0
  • 710

New cloud-based keylogger gaining momentum among criminals

A new cloud-based keylogger malware family is slowly but surely gaining momentum among criminals on underground web marketplaces. The malware, dubbed "NexusLogger", appears to have first arrived on the keylogging scene at the beginning of 2017.

  • 0
  • 606

Protecting the enterprise against mobile threats

Mobile devices have transformed the digital enterprise allowing employees to access the information they need to be most productive from virtually anywhere. Has that convenience come at a cost to enterprise security, though?

  • 0
  • 629

RanRan Ransomware being as a political tool

Palo Alto's Unit 42 research group has observed a new ransomware campaign that attempts to extort Middle Eastern organizations into posting political statements instead of a monetary payment.

  • 0
  • 624

Palo Alto Networks & Next-Gen Security Innovators

Sometimes Wall Street investors and channel partners don’t exactly see eye to eye. Such is the case in recent days. Indeed, Wall Street wants even faster growth from Palo Alto Networks. But channel partners seem pretty darn pleased with the company’s next-generation security strategy.

  • 0
  • 523

Case Study: Community Hospital Tackles Secure Access

Implementing robust access controls in healthcare settings can be particularly challenging for several reasons. But Fisher-Titus Medical Center is making progress in strengthening its authentication and other security controls, says Peter Jacob, the community hospital's manager of IT operations and infrastructure.

  • 0
  • 654

What's Next in Cybersecurity? Ripped From the RSA Conference Floor

The security industry wrapped up what has arguably become the most significant trade show in the security industry: RSA Conference. While it’s always interesting to see what challenges hold the industry’s attention and how vendors plan to address them, I find the most useful information comes from informal conversations with customers and industry colleagues as opposed to official booth presentations.

  • 0
  • 639

A phishing campaign about nothing

A new phishing campaign that has taken a Jerry Seinfeld-like approach with its scam by making the email about nothing by not including any text in the email body, just an attachment, is also abusing web hosting providers at a prodigious rate.

  • 0
  • 669

132 Google Play apps found containing malicious iframes

Researchers with Palo Alto Networks today reported finding 132 Android apps on Google Play whose HTML code was injected with hidden, malicious iframes, likely due to malware infecting a development platform used by the apps' creators. The apps, which were spawned by seven different developers, mostly contained carefully concealed HTML-based iframe tags that connected to two heavily obfuscated malicious domains.

  • 0
  • 682

132 Google Play apps tried to infect Android users with…Windows malware

It's a mystery that left researchers scratching their heads: 132 Android apps in the official Google Play market attempted to infect users with... Windows malware. The apps, which were spawned by seven different developers, mostly contained carefully concealed HTML-based iframe tags that connected to two heavily obfuscated malicious domains.

  • 0
  • 681

Old Windows malware may have tampered with 132 Android apps

More than 130 Android apps on the Google Play store have been found to contain malicious coding, possibly because the developers were using infected computers, according to security researchers. The 132 apps were found generating hidden iframes, or an HTML document embedded inside a webpage, linking to two domains that have hosted malware, according to security firm Palo Alto Networks.

  • 0
  • 630

"Gamaredon" Group Uses Custom Malware in Ukraine Attacks

The group has been active since at least mid-2013, but its activities were first detailed in April 2015 by LookingGlass. The security firm’s analysis focused on Operation Armageddon, a cyber espionage campaign targeting Ukrainian government, military and law enforcement officials.

  • 0
  • 694

Four Cybersecurity Resolutions for 2017

2016 was a big year for cybersecurity news, most of it not terribly encouraging. Still, the year did present the cybersecurity industry with several teachable moments that I believe all security professionals should heed as we move into a new year.

  • 0
  • 914

Integração impulsiona inteligência e inovação em Segurança Cibernética

C-Levels da Palo Alto Networks afirmam na RSA Conference que estratégias de segurança precisam ser pautadas em visibilidade e apontam a integração de tecnologias como a melhor aliada no combate ao cibercrime

  • 0
  • 763
Displaying 31 to 60 of 1471