Tenable

AUGUST 4, 2022

Analyzing the Vulnerabilities Associated with the Top Malware Strains of 2021. International cybersecurity agencies issue a joint alert outlining the top malware strains of 2021. While malware is used for a variety of purposes, the government agencies point out that ransomware is a primary use case. Background. Description.

Malware 74

Malware Windows SMB Groups 74

Darktrace

AUGUST 26, 2020

Darktrace’s Immune System has recently detected a resurgence of the Emotet banking malware in the network and email realms of numerous customers around the world. This blog looks at three case studies and explains the benefits of a unified approach to cyber security.

Network 130

Network Case Study Malware Banking 130

Tenable

APRIL 25, 2024

Background The Tenable Security Response Team has compiled this blog to answer Frequently Asked Questions (FAQ) regarding an espionage campaign called ArcaneDoor. The campaign involves a reported state-sponsored actor who has been targeting vulnerable network devices including Cisco’s Adaptive Security Appliances (ASA).

Malware 69

Malware Analysis Groups Testing 69

Palo Alto Networks

MAY 12, 2023

According to a recent blog post by Unit 42 researchers, ChatGPT-themed scam attacks are on the rise. The researchers presented several case studies to illustrate the various methods scammers use to entice users into downloading malware or sharing sensitive information. Enterprise DLP also helps to prevent data exfiltration to ChatGPT.

ChatGPT 105

ChatGPT Artificial Inteligence Network Software Review 105

CableLabs

NOVEMBER 12, 2021

Securing the confidentiality, integrity, and availability of broadband traffic can be applied at different layers of networking technology. You may think of a digital certificate as a driver’s license for a cable modem to get onto the internet through a cable operator’s broadband network. Department of Defense for their own protection.

Network 87

Network Internet Technical Review Authentication 87

Palo Alto Networks

JULY 20, 2021

It’s the first network threat detection system delivered as a native Google Cloud service, built with the industry-leading security technologies of Palo Alto Networks. Erasing Network Security Blindspots Simplifies Compliance. Every VPC Gets Native, High-Performance Network Threat Detection.

Google Cloud 98

Google Cloud Network Cloud Scalability 98

Palo Alto Networks

AUGUST 10, 2020

Forrester has named Palo Alto Networks a Leader in its Forrester Wave : Enterprise Firewalls, Q3 2020 report. Today, the efficacy of our Next-Generation Firewalls is evident in the trust placed in Palo Alto Networks by 70,000 customers in more than 150 countries. . The 70+ innovative new capabilities in PAN-OS 10.0

Firewall 98

Firewall Network Report Enterprise 98

Palo Alto Networks

APRIL 19, 2024

On April 10, 2024 Palo Alto Networks Product Security Incident Response Team (PSIRT) learned of a suspicious exfiltration attempt at a customer site from Volexity's Steven Adair. Volexity and Unit 42 Threat Brief have more information about the type of malware seen in these attacks and indicators of threat activity.

Firewall 132

Firewall Systems Review Malware Software Review 132

Palo Alto Networks

APRIL 26, 2021

Networks have further expanded into the cloud, and organizations have reinvented themselves even while reacting and responding to new circumstances – and new cyberthreats. Network security is evolving to meet these challenges, and it’s critical to have the right cybersecurity strategy and partner.

Network 77

Network Cloud Data Center Malware 77

Aqua Security

SEPTEMBER 9, 2022

This blog was co-authored by Itamar Maouda Two years ago, the NSA (the United States' National Security Agency) revealed that Drovorub, an advanced Russian malware created by the GRU 85th GTsSS team, had been discovered targeting Linux systems. It has an advanced kernel rootkit that hooks several kernel functions.

Linux 139

Linux Malware Open Source Operating System 139

Palo Alto Networks

MAY 23, 2019

SOC Manager, will be giving attendees a rare glimpse into the Palo Alto Networks Security Operations Center (SOC). Here’s an exclusive preview of how we’ve used Cortex XDR to hunt, identify, and remediate a piece of persistent malware. How to hunt for persistent malware. Looking through these tabs, we find: 1. Step 5: Remediate.

Malware 57

Malware Weak Development Team Network Knowledge Base 57

Palo Alto Networks

NOVEMBER 8, 2021

1, 2021, Gartner named Palo Alto Networks a Leader for the tenth consecutive time in its Gartner® Magic Quadrant for Network Firewalls for 2021. We feel that our tenth recognition as a Leader in the Gartner Magic Quadrant for Network Firewalls gives us an opportunity to celebrate the transformative innovations of the last ten years.

Firewall 97

Firewall Network Malware Research 97

Tenable

AUGUST 30, 2023

In these attacks, UNC4841 leveraged multiple backdoor malware families, dubbed SALTWATER , SEASPY , SEASIDE , SUBMARINE (DEPTHCHARGE), and WHIRLPOOL. In a follow up blog post on August 29, Mandiant provided additional details from their investigation of the eight-month long campaign by UNC4841. Mandiant refers to this group as UNC4841.

Malware 114

Malware Software Review Systems Review Exercises 114

Lacework

JANUARY 24, 2024

In 2022, the Lacework Labs team discovered a new, large-scale threat called AndroxGh0st, a Python malware being used to exploit AWS keys. More alarmingly, this malware has been used by hackers to build a botnet, which is a network of compromised computers, to then be used for additional credential theft and launching further cyberattacks.

Malware 57

Malware AWS Network Analysis 57

CIO

MARCH 3, 2024

Also, printers are a shared resource so are widely connected in corporate networks, making them potentially open to attack through various avenues and useable as attack vectors for access to sensitive data and other systems. Doing penetration testing. encapsulates the low priority often assigned to printer security. Using zero trust.

Survey 278

Survey Malware Infrastructure Report 278

Palo Alto Networks

APRIL 26, 2021

Networks have further expanded into the cloud, and organizations have reinvented themselves even while reacting and responding to new circumstances – and new cyberthreats. Network security is evolving to meet these challenges, and it’s critical to have the right cybersecurity strategy and partner.

Network 52

Network Cloud Data Center Malware 52

Symantec

MARCH 8, 2022

In the first of a two-part series of blogs, we will delve deeper into Daxin, examining the driver initialization, networking, key exchange, and backdoor functionality of the malware.

Analysis 98

Analysis Malware Network 98

Darktrace

AUGUST 25, 2020

Darktrace’s Immune System has recently detected a resurgence of the Emotet banking malware in the network and email realms of numerous customers around the world. This blog looks at three case studies and explains the benefits of a unified approach to cyber security.

Network 59

Network Case Study Malware Banking 59

Tenable

APRIL 12, 2024

Segment your network into smaller zones to limit the possibility of lateral movement. Here's New Data ” (Hired) “ The 15 most in-demand tech jobs for 2024 — and how to hire for them ” (CIO) 5 - CISA’s new malware analysis tool now generally available Need suspicious files analyzed? You can now submit them to the U.S.

Generative AI 116

Generative AI Malware Trends Government 116

AlienVault

JULY 31, 2018

In this blog series, we’ll analyze different malware families, looking at the types of events generated on the endpoint and how we can use Osquery to detect them. The dropper spreads through email phishing and downloads the malware using a malicious Office macro. Let's start! File samples: [link].

Malware 40

Malware Analysis Network Windows 40

Tenable

FEBRUARY 24, 2022

The tactical information shared in this blog is designed to help you prepare your digital response to these rapidly unfolding events. This blog post was published on February 24 and reflects VPR at that time. Once inside a network, these threat actors will map the environment’s AD in order to connect to domain controllers (DCs).

Government 145

Government Malware Groups Telecommunications 145

Palo Alto Networks

FEBRUARY 9, 2021

Unit 42 published a report with details on the malware’s capabilities, “ BendyBear: Novel Chinese Shellcode Linked With Cyber Espionage Group BlackTech.”. BendyBear appears to be a variant of WaterBear, malware used for lateral movement while hiding its activities, due to strong similarities.

Tools 98

Tools Malware Software Review Firewall 98

AlienVault

DECEMBER 17, 2018

In part 1 of this blog series, we analyzed malware behaviour, and, in part 2 , we learned how to detect persistence tricks used in malware attacks. Imagine your company is being targeted by one of the latest threats and you want to detect the activity the malware is performing. Conclusion.

Malware 40

Malware Analysis Systems Review Software Review 40

Tenable

MARCH 1, 2024

And the most prevalent malware in Q4. Actors pose as company IT and/or helpdesk staff and use phone calls or SMS messages to obtain credentials from employees to access the target network,” the advisory reads. Plus, the latest guidance on cyberattack groups APT29 and ALPHV Blackcat. And much more! 1 - NIST’s Cybersecurity Framework 2.0

Artificial Inteligence 73

Artificial Inteligence Malware Generative AI Government 73

Tenable

FEBRUARY 9, 2024

critical infrastructure through exploitation of known vulnerabilities Background On February 8, Fortinet published an advisory (FG-IR-24-015) to address a critical flaw in FortiOS, its network operating system. CVE Description CVSSv3 Severity CVE-2024-21762 Fortinet FortiOS Out-of-bound Write Vulnerability in sslvpnd 9.6 FortiOS 6.0.0 (all

Malware 121

Malware Authentication Infrastructure Analysis 121

AlienVault

SEPTEMBER 6, 2018

In the first part of this series, we saw how you can use Osquery to analyze and extract valuable information about malware’s behavior. In this post, we are going to see another common technique that malware uses persistence. The malware will be executed every time the user logs on. Registry Persistence.

Malware 40

Malware Analysis System Windows 40

Palo Alto Networks

JANUARY 18, 2022

How and why Palo Alto Networks Founder and CTO Nir Zuk envisions the need for applying a Zero Trust architecture for your private cloud’s digital transformation journey. How to assemble needed tools for protecting enterprise applications and users against malware, ransomware and exfiltration.

Cloud 89

Cloud Malware eBook Enterprise 89

Palo Alto Networks

JULY 8, 2020

Cortex XDR, the industry’s first extended detection and response platform, empowers customers to stop sophisticated attacks by integrating their endpoint, network and cloud data. All regional WildFire clouds provide consistent malware detection and prevention capabilities. Palo Alto Networks Service. Cloud Hosting Locations.

Network 55

Network Cloud Malware Storage 55

Palo Alto Networks

DECEMBER 29, 2022

Last year’s most popular posts on the Unit 42 Threat Research blog let us examine what the events of 2022 can tell us about the year to come. 23, a new variant of wiper malware, named HermeticWiper, was discovered in Ukraine. Top Malware. Beginning on Feb. 15, a series of distributed denial of service (DDoS) attacks commenced.

Malware 71

Malware Linux Telecommunications Government 71

Palo Alto Networks

FEBRUARY 21, 2020

On March 17, we’ll host a webinar called “ Leverage Your Firewall to Expose Attackers Hiding in Your Network ” to share tips on how you can use your firewall for network traffic analysis. Network traffic analysis (NTA) – sometimes called network detection and response – is one such tool that provides that visibility.

Firewall 57

Firewall Analysis Network How To 57

Palo Alto Networks

MAY 7, 2024

Precision AI by Palo Alto Networks is our proprietary AI system that helps security teams trust AI outcomes by using rich data and security-specific models to automate detection, prevention and remediation. Develop Malicious Code – Threat actors can use AI tools to create malware and other code, even if they don’t have coding skills.

Artificial Inteligence 52

Artificial Inteligence Weak Development Team Malware Off-The-Shelf 52

Palo Alto Networks

NOVEMBER 9, 2023

Our blog and video series, “ This is How We Do It, ” offers a behind-the-scenes, candid exposé of how Palo Alto Networks protects its security operations center (SOC) using its own solutions. This series provides insights into a non-traditional SOC structure vs. a conventional four-tier model.

Artificial Inteligence 78

Artificial Inteligence Artificial Intelligence Machine Learning Firewall 78

Tenable

JANUARY 19, 2024

In addition, the latest on the Androxgh0st malware. As a result, using unmanned aircraft systems UAS), more commonly known as drones, “requires careful consideration and potential mitigation to reduce risk to networks and sensitive information,” reads the joint advisory “ Cybersecurity Guidance: Chinese-Manufactured UAS.” The upside?

Infrastructure 71

Infrastructure Malware Government Technical Review 71

Palo Alto Networks

JUNE 6, 2023

In this third episode of " This Is How We Do It, " we delve into the world of artificial intelligence (AI) and machine learning (ML) with Billy Hewlett, leader of the AI research team here at Palo Alto Networks and grandson of Bill Hewlett from the Hewlett Packard Corporation. I'm most proud of machine learning in the firewall.

Firewall 52

Firewall Artificial Inteligence Machine Learning Malware 52

Palo Alto Networks

FEBRUARY 1, 2024

{{interview_audio_title}} 00:00 00:00 Volume Slider 10s 10s 10s 10s Seek Slider “AI’s Impact in Cybersecurity” is a blog series based on interviews with a variety of experts at Palo Alto Networks and Unit 42, with roles in AI research, product management, consulting, engineering and more.

Generative AI 107

Generative AI Artificial Intelligence Artificial Inteligence Social 107

Prisma Clud

DECEMBER 5, 2023

This combination promises many benefits for customers using Dig Security, as well as those who rely on Palo Alto Networks’ Prisma Cloud. Darwin + DDR : Dig’s pioneering data detection and response can help enrich network logs with data events, and allow security research and SOC teams to better identify data-related incidents in real time.

Cloud 52

Cloud Software Review Malware Analysis 52

Palo Alto Networks

JUNE 25, 2020

While the term “Zero Trust” may immediately make you think of network security, a proper Zero Trust strategy extends beyond network. With data and applications being accessed from distributed devices, the prevention-first approach and security policy should be consistent and coordinated between your endpoints and your network.

Strategy 98

Strategy Malware Machine Learning Artificial Inteligence 98