Unit 42, the Palo Alto Networks research unit, has identified a malspam (malicious spam) campaign specially developed to affect Brazilian victims. Using fake tickets to distribute malware, criminals can steal data from victims' computers, including passwords and usernames.
Recent updates as part of Palo Alto Networks' PAN-OS 8.0 adds upgrades across cloud security, multi-method threat prevention, management at scale, credential threat prevention, and integrations with complementary vendors.
Army veteran and cyber security expert Rick Howard talks to the FT's Hannah Kuchler about the current state of cyber security, what we have learned from recent large-scale attacks known as WannaCry and NotPetya and what companies can do to try to guard against the next attack.
An enterprise's board of directors is there to steer the business. However, in some cases, it is wearing a security blindfold and the vehicle they are steering is drifting off the road.
A series of training sessions with Palo Alto Networks Inc. now shows that the classic strengths of the board can actually be weaknesses when it comes to shoring up the company, according to some of the output captured from those sessions and shared with Security Now.
The Palo Alto Networks NextWave Channel Partner Program is designed to help partners with technical differentiation and specializations, gain access to more profitable opportunities, simplify the way we interact with and support partners and to help them build sustainable, breach prevention-focused security practices.
The proliferation of internet of things devices tied into critical industries such as transportation and healthcare is changing the perspective on what constitutes critical infrastructure, according to government and industry experts who spoke at the 2017 CyberCon.
“The attack surface is going to expand greatly,” said Ret. Maj. Gen John Davis, vice president and federal chief security officer at Palo Alto Networks.
We have been hearing a lot of buzz about artificial intelligence (AI) for years, but more recently, the discussion within the cybersecurity industry has centered around machine learning (ML), an approach to AI that focuses on using algorithms to sift through data, learn from it and inform action based on the analytics, such as automatically preventing an unknown threat.
At least two cybersecurity firms have noticed that the notorious Lazarus threat group, which many experts have linked to North Korea, has been using a new piece of Android malware to target smartphone users in South Korea.
Long-lasting targeted attacks aimed at entities in the Middle East are difficult to attribute despite being analyzed by several researchers, Palo Alto Networks said this week.
Dubbed “MuddyWater” by the security firm because of the high level of confusion they have already created, the attacks took place between February and October 2017. The campaign has made use of a variety of malicious documents, and hit targets in Saudi Arabia, Iraq, Israel, United Arab Emirates, Georgia, India, Pakistan, Turkey, and the United States to date
You don't have to be a rocket scientist to fill jobs. But it takes one to figure out how the world will fill its 3.5 million cybersecurity jobs that are predicted to be open by 2021.
Sylvia Acevedo, a former rocket scientist for the NASA Jet Propulsion Laboratory in Pasadena, California — and now president of Girl Scouts of the United States of America, has partnered with Palo Alto Networks on a stroke of genius: training young girls on cybersecurity.
Veteran job seekers are more likely than non-veterans to be underemployed, despite the fact that the majority of employers report that veterans perform "better than" or "much better than" non-veterans, according to a survey released this week by ZipRecruiter and the Call of Duty Endowment. Meanwhile, there's a severe shortage of skilled U.S. workers needed for open technology jobs, particularly in the cybersecurity field.
Most people are aware of the potential threats looming online but a new trend called cryptojacking can steal a user’s computing power and use it to mine profitable cryptocurrencies for attackers. Unlike other attacks like adware that bombards a user with advertisements that can redirect them to spam-filled websites or malware that requires the user to download and install a piece of software, cryptojacking is relatively unintrusive and generally less harmful than other attacks—though that doesn’t make the intentions less malicious.
Increasingly, companies are connecting thousands of devices to the internet. From smart TVs to conference rooms to thermostats. Most of these devices have been built specifically to perform a single function, regardless of the safety factor. While this flow of technology is critical to the evolution of our digital age, it also presents a new layer of risk to organizations.
Board members pose a unique risk for business, but proper planning helps.
Within any organization, certain employees have access to information that could tip the scales of risk for the business. If a cybercriminal were to gain access to a company's most sensitive information through stealing credentials from one of these employees, the business could face serious financial and reputational repercussions.
When it comes to the public cloud, Palo Alto Networks said it is doubling down with partners.
The Santa Clara, Calif.-based security vendor has launched the pilot for a new Public Cloud Specialization, as part of its NextWave Partner Program.
Cybersecurity Awareness Month is, once again, upon us. At its core is an issue that can have a massive impact on organizations in every industry, public and private, large and small: successful cyberattacks and how to prevent them from happening in the first place.
In a digital threat landscape where businesses are constantly playing catch-up with new attack vectors and vulnerabilities, the best defense they have is the same thing that makes them such an appealing target for hackers: a mountain of data.
The booming price of Bitcoin and other crypto-coins has kicked off a gold rush among malicious hackers keen to cash in, warn security firms. Many sites are now harbouring code that secretly uses a visitors' computer to mine the valuable e-cash coins. Palo Alto Networks said it had found Coin-Hive on almost 150 separate domains. The most popular locations for the code were porn, video and file-sharing sites.
It’s commonly accepted that your users are the weakest link in your security chain. That is actually not true in a lot of cases, though. The reality is that your true Achilles heel is probably your board of directors. Rick Howard, chief security officer of Palo Alto Networks, pointed out that board members, on the other hand, are not employees and generally operate completely outside the scope and protection of your information security tools and policies—using personal computers and mobile devices.
Whether it's ransomware or a data breach, it feels like every day we read about a new cyberattack that leaves our organizations - or us, as individuals - at risk for cybertheft. Understanding the threat landscape is critical to prevent cyberattacks, and regardless of your title within the organization, understanding more of that landscape contributes to the well-being of the organization. October is National Cyber Security Awareness Month, so I sat down with Rick Howard, CSO at Palo Alto Networks to talk about the top five cybersecurity books that he recommends every CIO read to learn more about the cyberthreat playing field.
A group of hackers is using a sophisticated technique of hijacking ongoing email conversations to insert malicious documents that appear to be coming from a legitimate source and infect other targets participating in the same conversational thread.
A newly identified spearphishing campaign targeting banks, companies and individuals across Eurasia wielded particularly effective tactics and malware, according to new research published by the cybersecurity firm Palo Alto Networks.
A persistent wave of headlines about data breaches and cyberattacks reinforces that cybersecurity remains fundamental to the future of our digital age and preservation of the economic and societal benefits that the internet provides. While new technology innovations continue to bring tremendous benefits to business productivity and our way of life, our increasing digital dependence is also broadening the cyberthreat landscape and creating more risk for enterprises and consumers alike.
VICE News asked women who work in tech how they’d fix the industry’s gender gap, and they pointed to three main areas for improvement: hiring, education, and retention. We spoke to women at various stages of their careers to find out which of these areas needs the biggest push.
An analysis of a recently discovered webshell used to harvest credentials from an unnamed Middle Eastern organization has unearthed a complex malicious infrastructure that appears to be targeting Israeli institutions and may possibly be linked to the Iranian APT group OilRig, according to researchers.
DevOps is the most important innovation to the IT sector since the invention of the personal computer. Nearly everyone I have talked to in my travels, these past few years, says they are building their own DevOps shop.