The AUTR provides visibility into the real-world threat and application landscape, helping security teams to understand how adversaries are attempting to attack organizations around the world and build proactive, actionable controls. Built by the Unit 42 threat research team, the report correlates data from more than 7,000 enterprise organizations, providing broad visibility into critical trends.
Operation Lotus Blossom describes a persistent cyber espionage campaign against government and military organizations in Southeast Asia. The report exposes the targets, tools, and attack techniques, and provides full details on the Lotus Blossom campaign, including all indicators of compromise. Unit 42 discovered these attacks using the Palo Alto Networks AutoFocus™ platform, which enables analysts to correlate the results of the hundreds of millions of reports generated by WildFire™.
CoolReaper: The Coolpad Backdoor
New research from Unit 42 confirms security risk in Coolpad devices
Palo Alto Networks researchers have uncovered CoolReaper, a backdoor contained in millions of Android devices sold by manufacturer Coolpad. CoolReaper exposes users to potential malicious activity and appears to have been installed and maintained by Coolpad despite objections from customers.
Due to the unique way Coolpad modifies the Android OS, it is difficult for Android antivirus programs to identify and remove this backdoor.
Unit 42's Threat Landscape Review examines data from WildFire™, a key component of the Palo Alto Networks threat intelligence cloud, to identify how organizations in different industries are targeted and affected by malware.
In the past three months Palo Alto Networks has identified a series of attacks emanating from Nigerian actors against our customers in Taiwan and South Korea. Our team is tracking this activity under the code name Silver Spaniel. These attacks have deployed commodity tools that can be purchased for small fees on underground forums and deployed by any individual with a laptop and an e-mail address. Read the report by Palo Alto Networks Unit 42.
Today’s cyber attackers utilize an increasingly sophisticated set of evasion tactics. Disjointed techniques and a fragmented security approach leave enterprises prone to risk. The volume of attacks is rising, putting strain on a limited population of security specialists. It is essential that defenders and security specialists understand the trends and distributions in the attack landscape. This paper surveys the Palo Alto Networks Threat Data generated across the customer base.
The Application Usage and Threat Report is the first report of its kind to provide an analysis of enterprise application usage and the associated threat activity. The report summarizes network traffic assessments performed worldwide in more than 3,000 organizations where 1,395 applications, 12.6 petabytes of bandwidth, 5,307 unique threats and 264 million threat logs were observed.
The Application Usage and Risk Report (7th Edition, May 2011) from Palo Alto Networks provides a global view into enterprise application usage by summarizing 1,253 application traffic assessments conducted between October 2010 and April 2011. The key findings and observations both globally and by specific countries are outlined in this report.
Data breaches. You’ve gleaned all you can from the headlines; now you have access to information directly from the investigator’s casebook. The 2008 Data Breach Investigations Report draws from over 500 forensic engagements handled by the Verizon Business Investigative Response team over a four-year period. Tens of thousands of data points weave together the stories and statistics from compromise victims around the world. What valuable insights can your organization learn from them? A sample of findings is discussed in the report.
In the face of government regulation such as the Health Insurance Portability and Accountability Act (HIPAA), personal health information (PHI) continues to leak into the public domain at an alarming rate, resulting in fraudulent insurance claims, identity theft and other costs to the health care industry. Research indicates PHI can easily be found on peer-to-peer (P2P) filesharing networks. But why?