Posts created by: Ryan Olson

Unit 42 leaders Ryan Olson and Rick Howard present another another episode of their “Don’t Panic” podcast, where they break down the big issues in cyber security and tell you why you don’t need to panic. This week’s episode is about Watering Hole attacks. This technique involves compromising specific websites to target their readers with malware.

We proudly present to you the new Unit 42 website

“When it comes to realistic predictions for the year ahead, my philosophy is simple: there are certain trends that research shows will continue to move upward.” Ryan Olson, VP of Threat Intelligence, looks at what can be expected in 2019.

Unit 42’s Don’t Panic Podcast returns with season 3.

Unit 42 examines some of the forces driving the recent and significant increase in cryptocurrency mining malware

Introducing the adversary playbook by Unit 42. First up, OilRig.

Palo Alto Networks was recently credited with the discovery of four new vulnerabilities affecting Adobe Flash Player. Researcher Tao Yan discovered critical vulnerabilities CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985 affecting Adobe Flash Player. Descriptions of each, as well as details on affected versions and products, are included in the Adobe Security Bulletin. Adobe has released security updates

Palo Alto Networks was recently credited with the discovery of eight new vulnerabilities affecting Adobe Flash Player. Researcher Tao Yan discovered critical vulnerabilities CVE-2016-4182, CVE-2016-4237, CVE-2016-4238, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, and CVE-2016-4285 affecting Adobe Flash Player. Descriptions of each, as well as details on affected versions and products, are included in the following Adobe Security

Four Palo Alto Networks threat intelligence researchers were recently recognized in the Microsoft Security Response Center (MSRC) Bounty Program Top 100 list announced at Black Hat USA 2016. Congratulations to Bo Qu, Tao Yan, Hui Gao,  and Tongbo Luo!

Palo Alto Networks researchers were recently credited with the discovery of an Apple product vulnerability. Researchers Tongbo Luo and Bo Qu discovered a WebKit vulnerability (CVE-2016-4589) affecting Safari in Apple iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later, and Apple TV (4th generation).

Palo Alto Networks researchers discovered two new critical Internet Explorer (IE) vulnerabilities affecting IE versions 9, 10, and 11. Both are included in Microsoft’s July 2016 Security Bulletin, and documented in Microsoft Security Bulletin MS16-084. In our continued commitment to the security research community, these vulnerabilities were disclosed to Microsoft through our participation in the Microsoft Active Protections Program

Palo Alto Networks researchers were recently credited with discovery of two new Apple product vulnerabilities. Researchers Tongbo Luo and Bo Qu discovered a webkit vulnerability (CVE-2016-1855) affecting Safari in OS X Mavericks v10.9.5, OS X Yosemite v10.10.5 and OS X El Capitan v10.10.5.

Today Unit 42 published our latest paper on ransomware, which has quickly become one of the greatest cyberthreats facing organizations around the world. As a business model, ransomware has proven to be highly effective in generating revenue for cybercriminals in addition to causing significant operational impact to affected organizations. It is largely victim agnostic, spanning

The ninth annual edition of Verizon’s Data Breach Investigations Report (DBIR) has just been released, and Palo Alto Networks is proud to have contributed data and analysis to help make the report as comprehensive as possible. Palo Alto Networks is committed to sharing threat intelligence across the security industry, exposing the evolving nature of threats,

Palo Alto Networks researchers Tongbo Luo and Hui Gao were credited with the discoveries of new critical Microsoft vulnerabilities affecting Internet Explorer (IE) versions 7, 8, 9, 10 and 11 on affected Windows clients. These vulnerabilities are documented in Microsoft Security Bulletin MS15-106 and MS15-112.