You’ve Never Seen Love This Deep For An Enterprise Security Platform

posted by: on October 28, 2014 6:00 AM

filed in: Cybersecurity
tagged: , ,

Once in a while, you come across a story that grabs your attention and makes you wonder how it would apply to your own situation. Last year, one such story was the film ‘Her.’ It portrayed an everyday person falling in love with an everyday technology called OS1 and its voice, Samantha.

The analogy? We meet customers every day who tell us that they’ve fallen in love with our platform. So in honor of our customers, meet PAN-OS… …Continue reading

Examining a VBA-Initiated Infostealer Campaign

While Microsoft documents that leverage malicious, embedded Visual Basic for Applications (VBA) macros are not a new thing, their use has noticeably increased this year, thanks in part to their simplicity and effectiveness.

Some threat actors commonly use this class of malware to drop a second stage payload on victim systems. Even though Microsoft attempts to mitigate this threat by disabling macros by default, the percentage of users who explicitly bypass this protection and enable macros remains high.

Exploiting the human factor, the most effective attacker strategy is the tried and true spear phishing attack, ideally made to look authentic by appearing to originate from a legitimate organization/individual and containing role-relevant or topic-of-interest content to entice its intended target. This post examines an information stealer campaign that leveraged a VBA macro script, focusing on its progression, from delivery to Command and Control (C2), and its attribution to a malicious actor for context on objectives and motivation.

Delivery and Exploitation

The recent campaign started with an email sent to an employee responsible for processing financial statements at a global financial organization (Figure 1). The sender’s email address was spoofed as originating from an energy company. Subsequent analysis would show that this façade was very thin; yet, it is often all that is required to encourage a user to open an attachment or click on a link that then executes malicious code. …Continue reading

Web security tips: How PAN-DB works

posted by: on October 29, 2014 9:17 AM

filed in: Cybersecurity, Web Security
tagged: , , , ,

PAN-DB is our URL and IP database, designed to fulfill an enterprise’s web security needs. PAN-DB is tightly integrated into PAN-OS, providing you Advanced Persistent Threat (APT) protection with high-performance beyond traditional URL filtering.

Traditional URL filtering is intended to control unwanted web surfing such as non-business or illegal sites, but it usually doesn’t cover up to the minute malicious web sites such as newly discovered malware site, exploit site or command and control sites. Let me explain how PAN-DB works for you.

…Continue reading

It is Almost the End of October… Don’t Forget to Send in Your Picture It Submission!

posted by: on October 28, 2014 2:00 PM

filed in: Cybersecurity, Firewall
tagged: , , ,

Who doesn’t want to win an iPad Mini? It’s easy to enter!

First, you read the official rules and download your mini PA-7050, then you take a creative photo of it in your data center. After that, you simply head here to enter before the end of October. That’s it! Almost too easy… But we promise it isn’t a Halloween trick.

…Continue reading

Older posts →