For Cyberattackers, Time Is The Enemy

posted by: on February 1, 2016 5:00 AM

filed in: Announcement, Cybersecurity, Reports, Security Platform
tagged:

Current research in cybersecurity often has a narrow focus, detailing recently successful attacks and how those attacks were accomplished. Attackers are often represented as shadowy, nameless figures, with a special kind of mystique surrounding them. That Hollywood image couldn’t be further from the truth. In a new study released today, “Flipping the Economics of Attacks,” Palo Alto Networks has partnered with the Ponemon Institute to understand not only what motivates these attackers but also how we can turn the tables on them by taking away their financial incentives to attack.

The data also shows us a clear path to shift the economic motivation of attacks with two compelling facts: …Continue reading


Scarlet Mimic: Years-Long Espionage Campaign Targets Minority Activists

Executive Summary

Over the past seven months, Unit 42 has been investigating a series of attacks we attribute to a group we have code named “Scarlet Mimic.” The attacks began over four years ago and their targeting pattern suggests that this adversary’s primary mission is to gather information about minority rights activists. We do not have evidence directly linking these attacks to a government source, but the information derived from these activities supports an assessment that a group or groups with motivations similar to the stated position of the Chinese government in relation to these targets is involved. …Continue reading


BackStab: Mobile Backup Data Under Attack from Malware

posted by: on December 7, 2015 5:00 AM

filed in: Malware, Mobility, Reports, Threat Prevention, Unit 42
tagged: , , , , , , , , , , ,

Today we are releasing a whitepaper describing how malicious actors are stealing private mobile device data by accessing local backup files stored on PC and Mac computers. We have identified 704 samples of six Trojan, adware and HackTool families for Windows® or Mac® OS X® systems that used this technique to steal data from iOS and BlackBerry® devices. These attacks have been in the wild for over five years, and we have observed them deployed in over 30 countries around the world.

Since these families use a common attack technique to access the backup files, we categorize all of them as using the “BackStab attack,” defined as “an attack approach that captures private mobile device data through the theft of local backup files stored on PC and Mac computers.”

The BackStab attack technique poses a risk to many mobile users for the following reasons: …Continue reading


Older posts →