2016 Verizon Data Breach Investigations Report (DBIR): Insights from Unit 42

The ninth annual edition of Verizon’s Data Breach Investigations Report (DBIR) has just been released, and Palo Alto Networks is proud to have contributed data and analysis to help make the report as comprehensive as possible. Palo Alto Networks is committed to sharing threat intelligence across the security industry, exposing the evolving nature of threats,

CryptoWall 3, the Cyber Threat Alliance and the Future of Information Sharing

Executive Summary The Palo Alto Networks vision for threat information sharing is that cybersecurity vendors should share the intelligence that they all individually collect with each other and with whomever else has the capacity to consume it. In that way, each vendor can build more innovative products with that superset of intelligence and better protect their

Understanding Global Application Usage and Threats to Enterprises

“A single arrow is easily broken, but not ten in a bundle.” – Japanese proverb Is prevention of cyber attacks impossible? Is trying to prevent attacks a waste of time? Should we spend all our time focused on incident response? These are constant questions in cybersecurity, and while the truth is that we can’t prevent

Operation Lotus Blossom: A New Nation-State Cyberthreat?

Today Unit 42 published new research identifying a persistent cyber espionage campaign targeting government and military organizations in Southeast Asia. The adversary group responsible for the campaign, which we named “Lotus Blossom,” is well organized and likely state-sponsored, with support from a country that has interests in Southeast Asia. The campaign has been in operation

CoolReaper Revealed: A Backdoor in Coolpad Android Devices

Coolpad is the sixth largest manufacturer of smartphones in the world, and the third largest in China. We recently discovered that the software installed on many of Coolpad’s high-end Android phones includes a backdoor which was installed and operated by Coolpad itself. Today we released a new report detailing the backdoor, which we’ve named “CoolReaper.”

Palo Alto Networks Addresses Bash Vulnerability Shellshock: Mitigation for CVE-2014-6271

Around 6:00 am PST on September 24, the details of a vulnerability in the widely used Bourne Again Shell (Bash) were disclosed by multiple Linux vendors. The vulnerability, assigned CVE-2014-6271 by Mitre, was originally discovered by Stephane Chazelas, a Unix and Linux network and telecom administrator and IT manager at UK robotics company SeeByte, Ltd.

Unit 42: A New Era In Threat Intelligence

Today we would like to officially introduce our new threat intelligence team, Unit 42, and announce the release of our first research paper, 419 Evolution. Unit 42 uses data collected from the Palo Alto Networks security platform to provide context into an attacker’s motivations and methods. Using our Critical Intelligence Requirements developed by our leadership, we