Displaying 2581 to 2610 of 9215

Evolution of SamSa Malware Suggests New Ransomware Tactics In Play

Ransomware is often in the headlines as new families are discovered on an almost weekly basis. Historically, these families have shared one similarity – they have all been deployed by attackers casting a wide net and largely being victim-agnostic. In most cases, the adversaries have used phishing emails and exploit kits in a ‘spray and pray’ style tactic. However, in recent months, a new trend seems to be emerging: targeted attacks where ransomware is deployed by threat actors after successfully gaining unauthorized access to an organization’s network. One malware family …

Josh Grunzweig, Bryan Lee,
  • 0

Campaign Evolution: Darkleech to Pseudo-Darkleech and Beyond

In 2015, Sucuri published two blog posts, one in March describing a pseudo-Darkleech campaign targeting WordPress sites, and another about its evolution the following December. Sites compromised by this campaign redirected unsuspecting users to an exploit kit (EK). The Sucuri posts describe patterns in the injected script related to this campaign. Since December 2015, patterns associated with pseudo-Darkleech have continued to evolve. Our blog post today will examine these changes. However, before we look at the recent developments, we should understand how EKs fit into the overall picture and review …

Brad Duncan,
  • 0

Architecture Matters

Every year, record levels of money are spent on new IT security technology – yet major breaches and compromises are more prevalent than ever. The concept of “layered security” – in which an organization supports a wide variety of security technologies in order to discourage attackers – doesn’t seem to be working. It’s time to rethink IT security – not just the technology, but the way it’s approached from a strategic, architectural perspective.

  • 1
  • 779

How to duplicate settings among multiple templates

At times you may want to duplicate/reconfigure Network or Device tab settings for multiple templates. For example, if you have N templates but want to share the same Administrator accounts, LDAP servers, etc. among all of them, you can duplicate or reconfigure settings. There are two options to

abjain,
  • 0

Deploying updates from Panorama fails with error "No matching contents package found"

Symptoms: While deploying updates from Panorama to managed devices, the install fails with the error: "No matching contents package found in panupv2-all-apps-XXX-YYYY". Diagnosis: While deploying updates from Panorama, the panupv2-all-apps-XXX-YYYY was deployed instead of panupv2-all-content-XXX-YYYY. panupv2-all-apps-XXX-YYYY is to be deployed/installed on Panorama and Log Collectors, or firewalls not

abjain,
  • 0

Lessons from Cyber Storm V

Two weeks ago, the U.S. Department of Homeland Security (DHS) conducted a national-level exercise, Cyber Storm V, designed to test the nation’s Emergency Preparedness procedures. Palo Alto Networks participated by providing cybersecurity expertise during the planning process and as players by using the exercise to test our own internal cyber incident crisis management plan. The players, located across the United States and around the world, cut across multiple sectors, spanned numerous industries, and provided real-time input in order to test our ability to combat cybersecurity threats. The game’s diabolical scenario tested …

Rick Howard,
  • 518

Achieving Continuous Protection with Highly Available Next-Generation Firewall Deployments

Network outages and cyberattacks cause unplanned downtime. And most organizations are seeing dramatic growth both in data center traffic and the use of web-scale ready applications. These trends have resulted in an increased density of business-critical workloads driving requirements for high availability network designs that can handle workload mobility and business continuity. To ensure highly available and continuous protection of network infrastructures, Palo Alto Networks Next-Generation Security Platform supports active/passive and active/active high availability deployment modes. Active/passive high availability remains the most commonly deployed method of stateful failover for three …

Sai Balabhadrapatruni,
  • 246

Locky Ransomware Installed Through Nuclear EK

In February 2016, Unit 42 published detailed analysis of Locky ransomware. We certainly weren’t the only ones who saw this malware, and many others have also reported on it. Since that time, Locky has been frequently noted in various campaigns using malicious spam (malspam) to spread this relatively new strain of ransomware. When we initially reported on Locky, attackers were distributing the malware using Microsoft Office documents with malicious macros to download and execute the ransomware. Attackers quickly added another tactic, sending e-mails with zip attachments containing malicious JavaScript files …

Brad Duncan,
  • 0

Lightboard Series: Autoscaling GlobalProtect in AWS

This Lightboard video is an overview on how to automatically scale GlobalProtect remote access solution up and down to meet real time demand while reducing costs.

  • 0
  • 1622

Securing SaaS For Dummies

Download Securing SaaS for Dummies now. You'll learn to find and control SaaS usage in your networks and protect sanctioned SaaS usage.

  • 4
  • 6344

The State of IT Security in Germany

The “Report on the State of IT Security in Germany 2015”, presented by the Federal Office for Information Security (BSI) in 2015, points out that many companies neglect patch management, both for standard software and for the control systems of industrial plants. For Greg Day of Palo Alto Networks, however, it is too simple to pin the blame on the companies here.

  • 0
  • 430

Will the EU’s new data laws wake up CEOs on cyber security?

Businesses in Europe are still putting far too much responsibility and accountability for cyber security on the IT department – but will new EU regulations change that?

  • 0
  • 438

Fortigate Services being truncated by MT.

Hi, When I import the conf file from my FG5001B, the services that have more than 1 TCP or UDP port listed are truncated to only the first port number listed and the rest are lost. Is there a fix for this?

Safo,
  • 0

Palo Alto Networks News of the Week – March 19

Check out all of the top Palo Alto Networks news from the past week right here. Unit 42 found the Digital Quartermaster scenario demonstrated in various attacks against the Mongolian Government. Researchers from Unit 42 also identified AceDeceiver, the first iOS trojan exploiting Apple DRM design flaws that can infect any iOS device.

Anna Lough,
  • 265

PAN-OS 7.1 Resource List

The table shows Live Community resources for PAN-OS 7.1, a brief description of the topic area, and the type of resource offered, a video tutorial or article.   TITLE DESCRIPTION TYPE PAN-OS 7.1 SaaS visibility and control SaaS Video Tutorial PAN-OS 7.1 UI - WebGUI update UI-WebGUI Video Tutorial PAN-OS

arsimon,
  • 1

Migration when new Palo's are not available

Hi, I am migrating two ASA configurations to a single Palo Alto. This Palo will be managed via Panorama. I am preparing for the migration. Panorama will be installed at customer site in a few days. Is there a way to "export" converted configuration in a set command format so

o2networks,
  • 0

Unable to add a threat ID in DNS signatures for DNS sinkhole

Issue: When trying to add a specific threat ID for a DNS spyware-related threat inside Objects > Security profiles > Anti-spyware > Profile > DNS signatures > Threat ID exceptions, you may get the following error: "Threat must be a value in range 3800000-4999999 or 5800000-5999999"

rchougale,
  • 0

Week 12 recap

Time out for March Madness—the National Collegiate Athletic Association (NCAA) basketball tournaments! Dashing talent dreaming of the pros, and caching talent streaming by the droves—on your time and with your dime. Palo Alto Networks, using tools and technologies like App-ID and QoS, creates custom signatures to address video streaming, so

editeur,
  • 0

Overview of the Palo Alto Networks Next-Generation Security Platform

Video (Russian): Application Usage and Threat Report (AUTR) Webinar Part 1. This video covers the capabilities of the Palo Alto Networks next-generation security platform for identifying and controlling applications and users/user groups, and its protection features, including antivirus, protection against exploits and intrusions, and protection against botnets, including analysis of suspicious DNS queries,

editeur,
  • 0

Cybersecurity For Dummies

Next-generation cybersecurity provides visibility, control and integration of threat‐prevention disciplines needed to find and stop security threats.

  • 0
  • 3758

Channel Scoop – March 18, 2016

Sit back and relax. Let us do the information gathering and give you the channel scoop. In case you missed the Q3 NextWave Huddle, a replay is available on the Partner Portal.

Lang Tibbils,
  • 249

Locky: New Ransomware Mimics Dridex-Style Distribution

Ransomware persists as one of the top crimeware threats thus far into 2016. While the use of document-based macros for ransomware distribution remains relatively uncommon, a new family calling itself “Locky” has borrowed the technique from the eminently successful Dridex to maximize its target base. We first learned of Locky through Invincea and expanded on qualifying this threat with the help of PhishMe. Locky has also gained enough traction to find its way onto Dynamoo’s Blog and Reddit. Using Palo Alto Networks AutoFocus, Unit 42 observed over 400,000 individual sessions …

Brandon Levene, Micah Yates, Rob Downs,
  • 0

Apple OS target of another malware campaign in China

A new malware strain, AceDeceiver, that exploits a flaw in Apple's DRM software to target iOS devices through Windows PCs, has been detected by researchers at Palo Alto Networks

  • 0
  • 423

Hack Brief: No Need to Freak Out Over That Chinese iPhone Malware

THE SECURITY TRACK record of Apple’s locked-down mobile operating system has been so spotless that any hairline fracture in its protections makes headlines. So when security researchers revealed that a new flavor of malware known as AceDeceiver had found its way onto as many as 6.6 million Chinese iPhones, the news was covered like a kind of smartphone bird flu, originating in Asia but bound to infect the globe. But for iPhone owners, the lesson is an old one: Don’t go to extraordinary lengths to install sketchy pirated apps on your phone, and you should be fine.

  • 0
  • 496

New Apple iPhone Malware Exploits DRM Mechanism To Spread

A new family of Apple iOS malware that has begun affecting users in China is another reminder of why it is generally not a good idea to jailbreak your iPhone or to download pirated software from unofficial mobile app stores.

  • 0
  • 424

AceDeceiver Malware Targets Non-Jailbroken iOS Devices

Typically, iOS malware affects jailbroken iPhones, but Palo Alto Networks has identified a new family of iOS malware that infects non-jailbroken devices.

  • 0
  • 440

PAN-OS 7.1 Support for VMware tools on PA-VM platforms and Panorama VM

What are VMware tools? A package of binaries, scripts and drivers provided by VMware. When installed on a virtual appliance, VMware tools allow the VI admins additional management capabilities, such as access to management IP and resource utilization telemetry data through the vCenter Server. Challenge: Enterprises use VMware-provided management

jdelio,
  • 0