Date

Education and Professional Services

Displaying 3001 to 3030 of 4217

DTLS Vulnerabilities in CVE-2014-6321

Microsoft recently released a patch for a critical vulnerability in Microsoft Secure Channel (aka Schannel).  This vulnerability is being referred to as MS14-066.  The patch addressing CVE-2014-6321 fixed many areas within schannel.dll, including at least two vulnerabilities related to the handling of the Datagram Transport Layer Security (DTLS) protocol. DTLS is used by Microsoft Remote
Jin ChenShengming Xu,
  • 0

How Malware Trends Affect Key Industries, From Healthcare to High Tech

Today we released our first Threat Landscape Review, which takes a high-level view of how malware is delivered to networks across major industries around the world. The data used for this report was derived from Palo Alto Networks WildFire™, which automatically identifies threats from malware over a wide array of applications by executing them in
Ryan Olson,
  • 0

Cybersecurity Lessons Learned in 2014

  • 0
  • 3633

Cybersecurity Lessons Learned in 2014

  • 0
  • 2153

Learn More About WireLurker and the Impact to OS X and iOS

Recently Palo Alto Networks researcher Claud Xiao discovered WireLurker, a new family of Apple OS X and iOS malware with characteristics unseen in any previously documented threats targeting Apple’s popular desktop and mobile platforms. Much has happened since Claud’s discovery, so we’re pleased to present a new webinar covering WireLurker information and the potential impact
Chad Berndtson,
  • 0

Code to Trigger MS14-066 ECDSA Server BOF Vulnerability

Microsoft recently released a patch for a critical vulnerability in Microsoft Secure Channel (aka Schannel).  This vulnerability is being referred to as MS14-066. A description of how to trigger the MS14-066 ECDSA Heap Buffer Overflow vulnerability was posted by BeyondTrust, which also explained the research method used in narrowing down where this vulnerability presented itself. 
IPS Team,
  • 0

Follow-On to VBA-Initiated Infostealer Campaign: Exploring Related Malware and Actors

In late October, we began examination of a VBA-initiated Infostealer campaign. This blog post follows up on additional information we gathered on related malware and associated actors. Pivot On Initial Predator Pain Sample C2 In our previous post, we identified two Command and Control (C2) fully qualified domain names (FQDNs) for the initial Predator Pain
Rob Downs,
  • 0

Predictions 2015: prevention of threats

  • 0
  • 1923

Palo Alto Networks To Present on Securing the Internet of Things at IGNITION 2014

Palo Alto Networks® (NYSE: PANW), the leader in enterprise security, today announced that Nir Zuk, founder and CTO of the company, will be presenting at the 5th annual IGNITION: Future of Digital conference in New York City on December 3, 2014.
Santa Clara, CA
  • 0
  • 578

Addressing CVE-2014-6332 SWF Exploit

Continuing a recent trend in which Internet Explorer vulnerabilities are exploited using Flash, samples of an SWF purportedly used in conjunction with CVE-2014-6332 have appeared in several places. The most famous examples of this trend are the exploits for CVE-2014-0322 and CVE-2014-1776. We have yet to encounter the SWF sample with its original exploit attached,
Palo Alto Networks,
  • 0

3 expectations for security in 2015

  • 0
  • 1920

Palo Alto Networks Reports Fiscal First Quarter 2015 Financial Results

Palo Alto Networks Reports Fiscal First Quarter 2015 Financial Results
Santa Clara, CA
  • 0
  • 1609

Protecting Users from iOS App Provisioning Profile Abuse

Recently, we announced the discovery of WireLurker, a new family of malware that abuses app provisioning profiles to install potentially malicious apps on any iOS device, regardless of whether it is jailbroken.  Shortly after, FireEye highlighted the Masque Attack, which also relies on malware apps signed by provisioning profiles and had previously been disclosed by
Zhi XuAndrey TverdokhlebSoundarya SivaramakrishnanClaud XiaoYongjie Yin,
  • 0

Don’t Forget to Subscribe to Unit 42 Threat Intelligence Alerts

Want to have all of the latest insights, research and threat intelligence from our research team delivered right to your inbox? You can.   Provide us your e-mail here in the “Get Updates” box, and you’ll receive updates to the Unit 42 threat intelligence blog as they happen, as well as information on upcoming Unit 42
Chad Berndtson,
  • 0

How Palo Alto Networks Can Help With ASD's Top Cyber Intrusion Mitigation Strategies

The Australian Signals Directorate (ASD) plays a lead role in protecting Australia’s critical infrastructure from cyber intrusions that pose real and present threats to Australia’s national security. ASD has recommended 35 and mandated that four of the mitigation strategies be implemented in every government agency.
  • 2
  • 405

Tracking the WireLurker Arrests

Well that was fast. Not quite ten days after we released our white paper on WireLurker, arrests have already been made in China.  WireLurker is a new family of malware specifically targeting iOS devices via USB.  There is WireLurker malware for both Mac OS X and Microsoft Windows operating systems. WireLurker works by looking for
Jen Miller-Osborn,
  • 0
Displaying 3001 to 3030 of 4217