Here’s a roundup of this week’s top Palo Alto Networks news.
Insecure Internal Storage in Android: Palo Alto Networks researcher Claud Xiao demonstrates how an attacker can bypass Android protection to gain access to usernames, passwords and other data.
Palo Alto Networks examines the CHS breach and Heartbleed exploitation, another example that reiterates how serious this vulnerability is and how critical protection against it remains.
Yesterday, TrustedSec, a security consultancy based on Ohio, wrote that the recent breach at Community Health Systems (CHS) was the result of exploitation of the Heartbleed OpenSSL vulnerability (CVE-2014-0160). CHS’s 8-K filing on Monday did not reveal how the attackers got into their network, only that the records of approximately 4.5 million patients were stolen in attacks in between April and June of 2014. TrustedSec reports on how attackers were apparently able to glean user credentials from a certain device via the Heartbleed vulnerability and use them to log in via a VPN.
We’re proud to have two Palo Alto Networks experts featured on a regular basis in SecurityWeek, one of the industry’s premier trade publications.
Check out Scott Gainey’s article, published today, on how to prepare for board meetings and why it’s important to consider how you’re explaining cybersecurity to C- and board-level executives before you dive into technical details. …Continue reading