Tag: palo alto networks
Cybersecurity has become an ongoing war
In our business, assessing risk is crucial. There is a constantly evolving threat landscape, and cybercriminals are constantly introducing new techniques and developing existing ones. And as online connectivity grows, so does every organization's overall attack surface. Unit 42 are constantly conducting research examining the full scope of the ever expanding attack surface and constantly testing existing defenses. They play the role of cybercriminals, acting as white-hat hackers, if you like, in order to detect potential weaknesses. This research is conducted across the board and also directed at each client specific attacks surface. And when there is a breach, Unit 42 is there to detect and control it. They effectively act as wartime consiglieres – remember that the ongoing Russia/Ukraine conflict started in cyberspace. They must also act immediately to mitigate any breach that does occur. Constant research and testing of defenses are vital. We have to be right every time, but the cybercriminal gangs only have to be right once to effect a breach and perform a successful attack.
2025 forecast to be boom year for cybersecurity
California-based cybersecurity goliath Palo Alto Networks has issued a bullish revenue forecast based on a perceived rising global demand for artificial intelligence (AI)-driven security products. “In Q2 [2025], our strong business performance was fuelled by customers adopting technology driven by the imperative of AI, including cloud investment and infrastructure modernization," said CEO Nikesh Arora. “Our growth across regions and demand for our platforms demonstrates our customers' confidence in our approach. It reaffirms our faith in our 2030 plans and our $15 billion next-generation technology annual recurring revenue goal.”
MacOS users targeted by ‘infostealer’ malware
Apple computer users are suffering a growing number of ‘infostealer’ attacks across multiple regions and industries. These are a form of malicious software created to breach computer systems in order to steal sensitive information. The Palo Alto Networks Unit42 research group has detected a 101 percent increase in macOS infostealers in the last two quarters of 2024. The researchers identified three particularly prevalent macOS infostealers: Poseidon, Atomic, and Cthulhu. The developers of Atomic Stealer sell it as malware as a service (MaaS) in hacker forums and on Telegram. The Atomic Stealer operators usually distribute their malware via malvertising - the use of online advertising to spread malware. This typically involves injecting malicious or malware-laden advertisements into legitimate online advertising networks and webpages. It is capable of stealing notes and documents, browser data such as passwords, and cookies, cryptocurrency wallets, and instant messaging data. Atomic Stealer, also known as AMOS was first discovered in April 2023.
AI gives the game away
The latest threat for companies using large language (LLM) AI software to replace human staff is the software’s innate gullibility. LLM software can be likened to some cowardly bank clerk in an old Western hold-up who not only willingly opens a back door for the bad guys but also willingly tells them the combination of the safe. The methods for persuading LLMs into naively disclosing the keys to the corporate kingdom are known as ‘LLM Jailbreak’ techniques. Palo Alto Networks Unit 42 researchers have named one such LLM Jailbreak, “Bad Likert Judge”.
Over 500k Accounts Affected by the Roku Breach – April 12th
Stemming from a breach earlier this year only affecting 15k Roku accounts, a second breach sees heavier implications, affecting over half a million of the company's subscribers. Roku claims that the hackers did not gain access to any financially sensitive customer information and assures that refunds would be made for unauthorized account purchases. For further security measures, Roku also enables a two-factor authentication for all accounts.
Convicted Russian Pleads Guilty to Ransomware Attacks – December 5th
The Department of Justice announced that the Russian national behind the malware tool Trickbot, used to launch ransomware attacks on American hospitals, pleaded guilty to his role in the malware tool's development. Trickbot was used to facilitate ransomware attacks on a string of American hospitals and health systems, disrupting care delivery and risking patient safety.
Cybersecurity Market To Reach $478B by 2030 – November 13th
Despite recent talk of a tech slowdown that reaches cyber, Allied Market Research reported that the market is poised to grow to $478.68B by 2030, with a 9.5% annual growth rate. The data predicting the cybersecurity market's growth was taken from Allied Market Research's “Cyber Security Market by Component, Solution, Deployment Model, Enterprise Size, and Industry Vertical: Global Opportunity Analysis and Industry Forecast, 2021–2030”.
Palo Alto Networks Acquires Talon Cyber Security – November 8th
Palo Alto Networks announced its purchase of Talon Cyber Security for $625 million to ramp up its merger and acquisition efforts. Palo Alto Networks credited the acquisition of Talon to its ability to navigate the challenges of today's connected digital environments.
Cloud security compromised by constant upgrades
There is mounting evidence that companies may have been naive in accepting Big Tech’s optimistic assurances that sensitive data can be stored more securely in the cloud than on the company’s own servers. In its latest Attack Surface Threat report, Silicon Valley-based cybersecurity firm Palo Alto Networks reveals that the cloud has now become “the dominant attack surface”, with four out of five security vulnerabilities observed in organizations across all sectors coming from a cloud environment.