News


Creative scams using chatbots
B2B Cyber Security ShortNews

The dark side of ChatGPT's popularity is that it also draws the attention of scammers who try to profit from using phrases and domain names that appear related to the site. Between November 2022 and early April 2023, Unit 42 saw a 910% increase in monthly registrations for ChatGPT-related domains. Unit 42 also observed a 17.818 percent growth in related squatting domains from DNS security logs during this period. Unit 42 also recorded up to 118 detections per day of malicious URLs related to ChatGPT, which…


IT threats: for a handful of dollars

In the new, hybrid world, IT users work from anywhere - with many new ways to connect applications and devices. This places a great deal of responsibility on end users, as many of the most common and widespread threats, such as phishing, are designed to interact with end users. This fact often makes people, rather than technology, an organization's first line of defense to ward off attackers. For the best possible protection, organizations need to know what to protect against and how to educate all employees about the latest threats...


Open source licenses as a source of risk

While vulnerabilities in open source code, such as Heartbleed and Log4Shell, continue to make headlines, a hidden source of open source risk goes unnoticed: non-compliance with open source licenses. Open source software licenses are a major source of risk, Palo Alto Networks believes, because even a single non-compliant license in the software can lead to legal action, time-consuming remedial actions, and delays in getting a product to market. Despite the obvious risk, being compliant with licensing regulations is no easy feat. The variety of open source licenses and the difficulty of determining which licenses apply to a piece of software makes…


Cybersecurity challenges

Even if the beginning of the year went largely without spectacular cyber attacks, Sergej Epp from Palo Alto Networks expects anything but a decrease in risks and threats in terms of cyber security. Essentially, he sees eight growing challenges, but also gives advice on possible solutions to most of the upcoming tasks. With the rise and risk of supply chain attacks, factors such as cyber resilience, vulnerability assessments and the level of cyber insurance will become part of the selection criteria for doing business. Recommendation for action: Companies should classify their suppliers based on their risk situation...


Detect zero-day exploits through machine learning

Code injection is an attack technique that attackers often use, for example in zero-day exploits, to launch arbitrary code on victims' machines via vulnerable applications. Why signatures are not enough for intrusion prevention systems - how machine learning can help. Given the popularity of code injection for exploits, Palo Alto Networks has found that pattern-matching signatures are often used to identify network traffic anomalies. However, injections can come in numerous forms, and a simple injection can easily bypass a signature-based solution by adding foreign strings...


Domain Shadowing - DNS Compromise for Cybercrime

Cybercriminals compromise domain names in order to attack domain owners or users directly, or use them for various nefarious ventures such as phishing, malware distribution, and command-and-control (C2) operations. A special case of DNS hijacking is known as domain shadowing, where attackers secretly create malicious subdomains under compromised domain names. Shadow domains do not affect the normal operation of the compromised domains, making them difficult to detect by victims. The inconspicuousness of this subdomain often enables the perpetrators to exploit the good reputation of the compromised domain for a long time...


IoT: Are SASE and Zero Trust the key?

Are SASE and Zero Trust the key to secure IoT implementation in production environments? As manufacturing companies dive headfirst into smart factory initiatives, the number of IoT devices in factories, warehouses, and across supply chain infrastructure is exploding. Companies want to use the Internet of Things in various places, e.g. with the help of video cameras on the assembly line, temperature sensors on cooling units or telemetry sensors for the maintenance of factory facilities. But while trying to capitalize on the tremendous business benefits of intelligent devices in the industrial IoT, they must also weigh the potential risks that…


Ransom Cartel ransomware-as-a-service comes from REvil?
B2B Cyber Security ShortNews

IT security provider Palo Alto Networks and its malware analysis team Unit 42 report new findings on "Ransom Cartel" - a ransomware-as-a-service (RaaS) provider that first surfaced in mid-December 2021. Technically, there is overlap with the REvil ransomware. This group of criminals performs dual ransomware attacks and shares several similarities and technical overlaps with REvil ransomware. REvil ransomware disappeared just months before the ransomware cartel emerged and just a month after 14 of its suspected members were arrested in Russia. When Ransom Cartel first emerged, it was unclear if it...


Incident Response: The Optimal Emergency Response Plan 

In recent years, IT and security teams have faced various developments. Mass adoption of the cloud, increasingly sophisticated attacks, the shift to working from home, and other factors have created a changing environment. As a result, an incident response plan or emergency response plan from a few years ago no longer meets current requirements. No company wants to be reactive in the event of a security incident. A proactive approach with a solid IR plan helps organizations respond quickly and effectively and resume normal operations as quickly as possible. Many…


Findings on the Black Basta ransomware group
B2B Cyber Security ShortNews

Unit 42, Palo Alto Networks' malware analysis team, has released a report detailing the Black Basta ransomware group, which first appeared in April 2022 and has been on the rise ever since. Since the ransomware emerged, members of the group have been very active in distributing it and extorting companies. The attackers run a cybercrime marketplace and blog where the group lists their victims' names, descriptions, publication percentage, number of visits, and any data exfiltrated.

Black Basta runs its own leak page

Although the…
