News

APT28 uses car sales as phishing bait
B2B Cyber Security ShortNews

In March 2024, the Russian threat group Fighting Ursa, aka APT28, used an advert for the sale of a car to spread the HeadLace backdoor malware. The targets of the attack were probably diplomats. Palo Alto Networks' Unit 42 team has published a new research report that shows which specific phishing trick the Russian-backed threat actor "Fighting Ursa" (also known as "APT28" or "Fancy Bear") uses to attack diplomats. Specifically, it involves the sale of a car as phishing bait to spread the HeadLace backdoor malware. Fighting Ursa is linked to Russian military intelligence in...

Cloud security: German companies use AI only selectively
B2B Cyber Security ShortNews

According to a survey, almost all of the companies surveyed want to simplify their complex cloud security landscape. Half of them already use AI-based application development. German companies are even more cautious. The current report "State of Cloud-Native Security" by Wakefield Research on behalf of Palo Alto Networks examines the security practices, tools and technologies that companies around the world use to benefit from the advantages of cloud services and new application technologies. For the survey, Wakefield Research surveyed 20 managers and specialists from the areas of development, information security and information technology from...

Cloud security: Block threats in real time
B2B Cyber Security ShortNews

New enhancements to Palo Alto Networks' AI-based security operations center (SOC) platform Cortex XSIAM integrate specific security technologies to improve cloud security. The increased vulnerability of cloud environments to common attack techniques poses major challenges for SecOps teams, as existing tools offer little insight into the cloud infrastructure (this is also shown by a current survey by Unit 42). With the expansion of Cortex XSIAM, Palo Alto Networks natively combines cloud detection and response functionalities in a unified solution. SecOps teams are empowered to identify and remediate cloud threats in real time. The main innovations…

OT security status report
B2B Cyber Security ShortNews

A recent survey of industrial companies worldwide - including Germany - paints a worrying picture about the state of OT (operational technology) security. The report “The State of OT Security: A Comprehensive Guide to Trends, Risks, and Cyber Resilience” from ABI Research and Palo Alto Networks, for which around 2,000 specialists and managers in 16 countries were surveyed, shows the reality, the extent and the changing nature of security threats to industrial environments. The core results at a glance: Almost 70 percent of industrial companies were affected by cyber attacks last year...

Cybercriminals are learning
B2B Cyber Security ShortNews

Security researchers have released the 2024 Incident Response Report, which paints a worrying picture of increasing cyber threats. The insights are based on data that Unit 42 collects through its daily work: The incident response and threat intelligence teams help companies assess, respond to and recover from cyberattacks. The 2024 Incident Response Report shows that threat actors are becoming more sophisticated: they are more organized, work in specialized teams for different steps of attacks, and use IT, cloud and security tools. They work more and more efficiently because they have processes and playbooks...

Machine learning in cybersecurity

For a dynamic and powerful security platform, machine learning (ML)-based tools can be an essential element. The technology can be used in a variety of tasks, such as detecting malware and network anomalies, categorizing user behavior, prioritizing vulnerabilities and threats, and also accurately predicting future attacks. Additionally, their use can help improve model risk, streamline threat classification – and even accurately predict immediate and potential attacks. In addition, ML-based automation relieves employees by minimizing manual effort. So ML has a lot…

How Medusa Ransomware works
B2B Cyber Security ShortNews

Research team Unit 42 has released a new research report on the Medusa ransomware gang, revealing the threat actors' tactics, tools and procedures. Unit 42 noted an escalation in Medusa ransomware operations and a shift in tactics toward extortion, marked by the launch of a dedicated leak site (DLS) called Medusa Blog in early 2023. Medusa threat actors use this website to publish sensitive data of victims who are unwilling to meet their ransom demands. As part of their multi-extortion strategy, this group offers victims multiple options when their data is on…

CISOs in 2024

What do CISOs think will happen in 2024? One of them is Sergej Epp, Chief Information Security Officer (CISO) for Central Europe at Palo Alto Networks. He presents his seven predictions for CISOs in 2024. In addition, the expert provides practical recommendations for action for each of these developments that companies can use to specifically protect themselves against new threats. Prediction 1: AI will challenge CISOs. In the future, companies and IT departments will have difficulty defining the exact responsibilities for artificial intelligence (AI) in the company. At the same time, attackers are using Large Language Models (LLMs) and…

Connect IoT devices securely

As the number of IoT devices increases, so does the risk of attack from known and unknown threats. The 2023 IoT Security Benchmark Report shows how organizations are using advanced IoT security to protect connected devices. The number of connected IoT devices will continue to grow in the coming years, reaching an average of over 9,000 devices per company by 2025. Unfortunately, most existing IoT security solutions do not have any built-in prevention or enforcement measures. They often use legacy, signature-based detection methods that focus on known devices. Inadequate IoT security has been a factor in several spectacular security incidents in the...

Consolidation for comprehensive cloud security

Using cloud technologies to drive innovation, streamline processes, and stay competitive comes with challenges. This is especially true for maintaining a robust and consistent security structure in an increasingly complex digital environment. The rapid adoption of cloud technologies and digital transformation initiatives have prompted many organizations to seek point solutions to solve specific cloud security problems. This often leads to tool proliferation, Palo Alto Networks observes, which introduces another set of challenges that hamper the ability to manage cloud security...