Here’s a roundup of this week’s top Palo Alto Networks news.
Following a recent study of apps in the Google Play Store, Unit 42 discusses several security risks caused by the bad certificate management practiced in many Android apps, from social to mobile banking.
By and large, there’s been a lot of talk about the Internet of Things. So far, however, most of the focus concerns what happens when attackers sets their sights upon a device. These stories derive from the notion that many of these devices are potentially vulnerable and essentially unpatchable. Many network-connected devices have vulnerabilities that cannot be fixed easily. This became glaringly obvious with the growing awareness on the vulnerabilities found in SCADA devices, which led to the development of better sets of best practices for network segmentation and isolation as well as threat prevention against the vulnerabilities of these systems.
In recent months, a new narrative has taken shape on the Internet of Things, which stems from an inversion of the hypothesis above. Instead of thinking about how to protect against an attack on a network connected device, what can we do about the network connected devices that are doing the attacking? …Continue reading