Palo Alto Networks® (NYSE: PANW), the next-generation security company, today revealed details of a new “BackStab” attack used to steal private information from mobile device backup files stored on a victim’s computer. A white paper from the company’s Unit 42 threat intelligence team explains how cyberattackers are using malware to remotely infiltrate computers and execute BackStab attacks in an unprecedented fashion.
Used to capture text messages, photos, geographic location data, and almost any other type of information stored on a mobile device in their possession, BackStab has been employed by law enforcement and cyberattackers alike. The Unit 42 white paper shows how BackStab attacks have evolved to leverage malware for remote access and why Apple® iOS devices have been a primary target for attacks, as the default settings in iTunes® store unencrypted backup files in fixed locations and automatically sync devices when they are connected to a user’s computer.
“Cybersecurity teams must realise, just because an attack technique is well-known, that doesn’t mean it’s no longer a threat. While conducting our research into BackStab attacks, we gathered over 600 malware samples from 30 countries around the world that were used to conduct remote BackStab attacks.”
June 16, 2015 – Palo Alto Networks® (NYSE: PANW), the leader in enterprise security, has announced the appointment of Sean Duca as Vice President & Regional Chief Security Officer (CSO) for Asia Pacific.
Duca, who is based in Sydney, Australia, will be responsible for the development of threat intelligence security best practices and thought leadership for Palo Alto Networks in the region. This includes strengthening security initiatives and maintaining good channels of communications and support for Palo Alto Networks’ customers across Asia Pacific. Sean also will be a key addition to the Palo Alto Networks Threat Intelligence team, Unit 42, actively contributing to an APAC perspective on the latest findings of cyber threats.
With more than 17 years of experience in the IT security space, Duca is widely recognised as a thought leader in the technology industry. He has provided expert guidance and advice to the Australian government around online safety issues, and on cybersecurity matters to the public and private sector within Asia Pacific.
Research spotlights new malware family distributed through trojanised and repackaged Apple OS applications
Palo Alto Networks® (NYSE: PANW), the leader in enterprise security, has announced discovery of a new family of Apple OS X and iOS malware exhibiting characteristics unseen in any previously documented threats targeting Apple platforms. This new family, dubbed WireLurker, marks a new era in malware across Apple’s desktop and mobile platforms, representing a potential threat to businesses, governments and Apple customers worldwide.
Among its defining characteristics, WireLurker represents:
- the first known malware family that can infect installed iOS applications similar to how a traditional virus would
- the first in-the-wild malware family that can install third-party applications on non-jailbroken iOS devices through enterprise provisioning
- only the second known malware family that attacks iOS devices through OS X via USB
- the first malware family to automate generation of malicious iOS applications through binary file replacement.
Premier value-added distribution network to provide worldwide push for industry’s fastest-growing enterprise security platform
August 29, 2014 – Palo Alto Networks® (NYSE: PANW), the leader in enterprise security, and Westcon Group, the value-added distributor of security, unified communications, network infrastructure, and data centre solutions, have announced that the companies have expanded their global distribution agreement. The deal opens up new markets throughout the world for the industry’s fastest-growing enterprise security platform, empowering resellers using highly integrated global distribution capabilities.
Palo Alto Networks and Westcon Group have held regional distribution relationships for several years. As teams and processes align at a global level, the companies will soon do business in more than 40 countries. Over the next few years, Palo Alto Networks and Westcon Group will invest in every theatre to take advantage of shared momentum, providing resellers access to a full technology ecosystem and more efficient global business operations.
New research shows potential for attack in more than 94 per cent of popular Android mobile applications
August 28, 2014 – Palo Alto Networks® (NYSE: PANW), the leader in enterprise security, has presented new research highlighting security risks in the internal storage used by applications on Google Android devices. More than 94 per cent of popular Android applications are potentially vulnerable.
Android Internal Storage is a protected area that Android-based applications use to store private information, including usernames and passwords. But as Palo Alto Networks research reveals, an attacker may be able to steal sensitive information from most of the applications on an Android device using the Android Debug Bridge (ADB) backup/restore function. In addition, most of the security enhancements added by Google to prevent this type of attack can be bypassed.
- anyone using a device running version 4.0 of Android – about 85 per cent of Android systems in use today – is potentially vulnerable
23 July 2014 – Palo Alto Networks® (NYSE: PANW), the leader in enterprise security, has revealed that cyber criminals in Nigeria have evolved common malware campaigns to infiltrate businesses that have not previously been their primary targets.
419 Evolution, a new report released today from Unit 42, the Palo Alto Networks threat intelligence team, explains how Nigeria-based scammers are now using the same tools more sophisticated criminal and espionage groups often deploy to steal business-critical data from enterprises.
Nigerian criminals are infamous for running easily-spotted “419” phishing scams that attempt to collect credit card details or personal information from individuals, but over the past few years have expanded their skills to target businesses using more advanced techniques. Palo Alto Networks researchers discovered these activities and techniques, code-named Silver Spaniel, using WildFire, which rapidly analyses cyberthreats in a cloud-based, virtual sandbox environment.
April 22, 2014 – Palo Alto Networks® (NYSE: PANW), the leader in enterprise security, has announced it has been positioned by Gartner Inc. in the “leaders” quadrant of the April 15, 2014 “Magic Quadrant for Enterprise Network Firewalls.” This is the third year that Palo Alto Networks has been recognised as a leader in the Magic Quadrant for Enterprise Firewalls.
According to the report, “through 2018, more than 75% of enterprises will continue to seek network security from a different vendor than their network infrastructure vendor.” The report also states, “products must be able to support single-enterprise firewall deployments and large and/or complex deployments, including branch offices, multi-tiered demilitarised zones (DMZs) and, increasingly, the option to include virtual versions.”
“We’re thrilled to once again be named a leader in Gartner’s Magic Quadrant for enterprise firewalls report. We believe this echoes the momentum we’ve been experiencing as enterprise organisations see the value of a truly next-generation security platform – one that safely enables all applications and proactively prevents cyber threats for all users on any device across any network.”
April 10, 2014 – Palo Alto Networks® (NYSE: PANW), the leader in enterprise security, has announced that its security platform will continue to protect Windows XP-based clients after Microsoft ended support for the operating system (OS) on April 8, 2014.
“Hackers write exploit code that leverages vulnerabilities in all kinds of systems. One traditional control used to mitigate such an attack is to keep systems patched. Microsoft has stopped supporting patch development and deployment for Microsoft’s Windows XP operating system,” said Rick Howard, CSO at Palo Alto Networks.
“Because our next-generation security platform protects networks at the application, user and content levels, it can keep malware from infecting Windows XP systems without the need for continuous software patching. In other words, if you’re using Windows XP on a network protected by Palo Alto Networks, you’re covered.”
Palo Alto Networks offers customers multiple ways of protecting against potentially unpatched vulnerabilities in the OS and the exploits used against those vulnerabilities, including:
April 2, 2014 – Palo Alto Networks® (NYSE: PANW) has announced a definitive agreement to acquire Cyvera, a privately held cybersecurity company located in Tel-Aviv, Israel. Under the terms of the agreement, Palo Alto Networks will acquire all of the outstanding capital stock of Cyvera for an aggregate purchase price of approximately $200 million (USD). The acquisition is expected to close during the second half of fiscal 2014, subject to customary closing conditions and regulatory reviews.
Named a cool vendor in security by Gartner in 2013 (“Cool Vendors in Security: Infrastructure Protection 2013”)*, Cyvera, which has 55 employees, has developed a highly innovative offering that protects enterprises from cyber threats by using a unique approach to block unknown, zero-day attacks on the endpoint.
The addition of this unique capability to the Palo Alto Networks enterprise security platform will extend customers’ ability to safely enable applications and protect users against known and unknown cyber threats on any device, across any network.
April 2, 2014 – Palo Alto Networks® (NYSE: PANW), the leader in enterprise security, has unveiled its state-of-the-art cybersecurity solutions lab at the company’s new regional headquarters in Singapore.
Designed to help companies combat the ever-growing threat to Asia Pacific cyberspace, the new high-tech facility comes as part of the relocation of Palo Alto Networks regional headquarters from Suntec City Tower 2, to its new home at 1 Temasek Avenue, Millennia Tower, Singapore.
The new regional headquarters and cybersecurity lab will provide customers the opportunity to learn about the latest cutting-edge technology for combatting cybercrime, including advanced persistent threat (APT) protection, firewall, IDS/IPS, and URL filtering. This is delivered via live hands-on demonstrations by cybersecurity experts of Palo Alto Networks or via proof-of-concept testing, on-site or from anywhere in the world via video conference.
Executive Deputy Chairman, Infocomm Development Authority (IDA) Singapore, Steve Leonard, was on hand to officially open the new regional headquarters, along with Mark McLaughlin, CEO of Palo Alto Networks.