Robert Megennis is a 16-year-old racing prodigy. Palo Alto Networks is proud to be a sponsor of Rob’s races for the 2016 Mazda Road to Indy racing season. Check out his adventures from this season and see why we consider him a true next-generation competitor!
It’s official. As the 2016 season came to a close, Palo Alto Networks driver Robert Megennis became the highest finishing rookie and walked, err…drove away with two awards:
- Season-long Tilton Hard Charger Award
- Highest finishing American driver in the Cooper Tires USF2000 Championship Presented by Mazda
Robert, who finished 48 points clear of the next rookie competitor and twice making the podium this season, had a busy season but managed to squeeze in a visit to Palo Alto Networks HQ in Santa Clara, California, giving fans a glimpse into the world of a professional racecar driver.
Unit 42 researchers identified a new OS X Trojan associated with the Sofacy group that we are now tracking with the ‘Komplex’ tag using the Palo Alto Networks AutoFocus threat intelligence platform.
The Sofacy group, also known as APT28, Pawn Storm, Fancy Bear, and Sednit, continues to add to the variety of tools they use in attacks; in this case, targeting individuals in the aerospace industry running the OS X operating system. During our analysis, we determined that Komplex was used in a previous attack campaign targeting individuals running OS X that exploited a vulnerability in the MacKeeper antivirus application to deliver Komplex as a payload. Komplex shares a significant amount of functionality and traits with another tool used by Sofacy – the Carberp variant that Sofacy had used in previous attack campaigns on systems running Windows. In addition to shared code and functionality, we also discovered Komplex command and control (C2) domains that overlapped with previously identified phishing campaign infrastructures associated with the Sofacy group. …Continue reading
As we’ve previously discussed, the Network and Information Security (NIS) Directive and General Data Protection Regulation (GDPR), which will be introduced in 2018, include among their requirements the concept of “state of the art.” This means that organizations must take into account technologies and practices that are state of the art in security when deciding how to invest in mitigating risks associated with data protection (in the case of GDPR) and the protection of essential services that have a dependency on network and information systems (in the case of the NIS directive).
Overall, the new requirement for state of the art is a positive, giving opportunity to re-architect security capability with a focus on better mitigating cyber risks and thus preventing successful data breaches, but it’s apparent that many organizations are still working out what this means for them. We’ve recently commissioned IDC to conduct research into how businesses in Europe perceive the upcoming requirements. …Continue reading