Latest news with #Unit42
Associated Press
23-05-2025
- Business
- Associated Press
Palo Alto Networks to Present at Upcoming Investor Event
SANTA CLARA, Calif., May 23, 2025 /PRNewswire/ -- Palo Alto Networks (NASDAQ: PANW), the global cybersecurity leader, announced today that members of its management team will be presenting at the following financial community event: Bank of America 2025 Global Technology Conference Tuesday, June 3, 2025 8:40 a.m. PDT Additional information about upcoming investor event participation and a live audio webcast of each presentation will be accessible from the 'Investors' section of the Palo Alto Networks website at ABOUT PALO ALTO NETWORKS As the global AI and cybersecurity leader, Palo Alto Networks (NASDAQ: PANW) is dedicated to protecting our digital way of life via continuous innovation. Trusted by more than 70,000 organizations worldwide, we provide comprehensive AI-powered security solutions across network, cloud, security operations and AI, enhanced by the expertise and threat intelligence of Unit 42. Our focus on platformization allows enterprises to streamline security at scale, ensuring protection fuels innovation. Explore more at Palo Alto Networks, the Palo Alto Networks logo, and Precision AI are registered trademarks of Palo Alto Networks, Inc. in the United States or in certain jurisdictions throughout the world. All other trademarks, trade names, or service marks used or mentioned herein belong to their respective owners. Any unreleased services or features (and any services or features not generally available to customers) referenced in this or other press releases or public statements are not currently available (or are not yet generally available to customers) and may not be delivered when expected or at all. Customers who purchase Palo Alto Networks applications should make their purchase decisions based on services and features currently generally available. View original content to download multimedia: SOURCE Palo Alto Networks, Inc.
Forbes
20-04-2025
- Forbes
This Tesla Attack Wants Your Data — What You Need To Know
Beware this new Agent Tesla threat. Tesla has undoubtedly been in the news a lot since Elon Musk started implementing the whole DOGE thing, leading to protests against the electric vehicle giant, including some that have been branded as acts of domestic terrorism by the Trump administration. This latest Tesla attack, however, has nothing to do with Musk or his cars, although it does bear some comparison with DOGE, as it does want information. Here's everything you need to know about the new Agent Tesla malware attacks. The primary goal of any threat campaign is to deploy whatever the payload might be, from infostealer malware, ransomware, to flash drive compromise. The secondary goal, I guess, is to do so without anyone being able to detect the attack and intervening to stop it. There is a case for switching those priorities around, as without the latter, the former isn't possible. But that is by the by. Sophisticated multi-stage attack campaigns are fast becoming the norm, not least as they will often use complex delivery mechanisms in the delivery of their payloads in order to evade detection and bypass traditional security protections. One such campaign has been reported by threat intelligence analysts from the Unit 42 research labs at Palo Alto Networks, and it delivers Agent Tesla malware to steal your sensitive information. The campaign begins with victims being sent emails with attached archives. 'These archives contain script-based malware that ultimately infects a host with the final malware,' Unit 42 said, with the phishing lure apparently involving that old chestnut of reviewing an attached order document or invoice for a payment that had supposedly been made. Opening this attachment executes a JavaScript-encoded file that downloads and launches a PowerShell script, executed from the system temp directory to increase stealthiness. There are then two distinct routes that the threat can follow: either a .NET executable or an AutoIt dropper. The type of malware that the user gets infected with will depend on which is used. 'By stacking simple stages instead of focusing on highly sophisticated techniques,' Unit 42 warned, 'attackers can create resilient attack chains that complicate analysis and detection.' The Unit 42 threat intelligence researchers observed Remcos RAT and XLoader being deployed by this particular campaign, but said that multiple Agent Tesla malware family variants were also used. Agent Tesla is a remote access trojan that is capable of harvesting all sorts of sensitive data, making it an extremely effective infostealer tool. The malware has been known to grab everything from usernames and password credentials to contact information and financial data, along with browser history, screenshot captures, data from email clients, and even keystroke recordings. Agent Tessa is also adept at intercepting communications, including email and chat messages. According to Kriti Awasthi at Fidelis Security, you can mitigate Agent Tesla attacks by ensuring email security and phishing awareness, employing multi-layer security, regularly updating software and firmware against known vulnerabilities and using strong authentication and access controls.
Yahoo
15-03-2025
- Yahoo
FBI warns of dangerous new ‘smishing' scam targeting your phone
Smishing is a type of phishing scam that works through text messages. The name comes from a mix of "SMS" and "phishing," since scammers use fake messages to trick people into giving away personal information. It's been around for a while, but lately, it's gotten so bad that even the FBI and several U.S. cities have started warning people. Hackers have set up over 10,000 fake websites to keep these scams going, targeting both iPhone and Android users with texts designed to steal their personal and financial information. STAY PROTECTED & INFORMED! GET SECURITY ALERTS & EXPERT TECH TIPS — SIGN UP FOR KURT'S THE CYBERGUY REPORT NOW Cities across the United States are warning residents about an ongoing mobile phishing campaign in which scammers impersonate parking violation departments. The fraudulent text messages claim recipients have unpaid parking invoices and threaten a $35 daily fine if left unpaid. As reported by cybersecurity publication BleepingComputer, the latest wave of phishing texts has prompted alerts from multiple cities, including Annapolis, Boston, Greenwich, Denver, Detroit, Houston, Milwaukee, Salt Lake City, Charlotte, San Diego and San Francisco. The campaign, which began in December, remains active. The smishing texts claim to be from a government authority and instruct recipients to click a link to pay an alleged overdue fine. Read On The Fox News App "This is a final reminder from the City of New York regarding the unpaid parking invoice. A $35 daily overdue fee will be charged if payment is not made today," one fraudulent message says. The same phishing template has been observed in similar scams targeting residents of other cities. The FBI has also raised concerns about a broader smishing campaign affecting U.S. residents. In a recent alert, the agency warned that scammers have expanded beyond parking fines and are now impersonating road toll collection services. What Is Artificial Intelligence (Ai)? "Since early March 2024, the FBI Internet Crime Complaint Center (IC3) has received over 2,000 complaints reporting smishing texts representing road toll collection services from at least three states," the agency stated. "IC3 complaint information indicates the scam may be moving from state to state." Is The Ftc Calling You? Probably Not. Here's How To Avoid A New Phone Scam Targeting You A new report from cybersecurity firm Palo Alto Networks' Unit 42, the company's cybersecurity division specializing in threat intelligence and incident response, has uncovered that these scams are designed to steal sensitive information, including credit card and bank account details. What started as a scheme involving fraudulent toll payment notifications has now expanded to include fake delivery service alerts, tricking users into clicking malicious links. The scam appears to be operated by local cybercriminals using a toolkit developed by Chinese hacking groups. Notably, research from Unit 42 shows that many of the scam's root domains and fully qualified domain names use the Chinese .XIN top-level domain (TLD). The Dark World Of Facebook Ads Where Scammers Are Trying To Steal Your Money 1. Verify before you trust: Treat unsolicited texts with caution. If a message claims to be from a government agency or company, don't click any links or act immediately. Instead, verify the claim by contacting the organization directly using an official phone number or checking their verified website. 2. Avoid clicking suspicious links and use strong antivirus software: Scammers use links to direct you to fake websites that can steal your personal or financial information. Instead of clicking on any link in an unexpected text, manually type the known URL into your browser or search for the organization's official website. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices. 3. Keep your devices secure: Regularly update your devices' operating systems and apps to ensure you have the latest security patches. Consider installing reputable security software that can help detect phishing attempts and warn you about potentially dangerous websites or messages. 4. Use a password manager: A trusted password manager can help protect your sensitive information by automatically filling in credentials only on verified sites. This minimizes the risk of entering details on fraudulent websites and can alert you if a site doesn't match what's expected. Get more details about my best expert-reviewed Password Managers of 2025 here. 5. Report suspicious activity: If you receive a text that seems off, report it immediately to your mobile carrier, local law enforcement or the FBI's Internet Crime Complaint Center (IC3). Reporting helps authorities track down scammers and prevent further attacks. 6. Consider using a personal data removal service: Personal data removal services can help reduce your exposure to smishing attacks by removing your sensitive information — like phone numbers, addresses and email details — from data broker websites. Scammers often rely on these publicly available databases to target victims with personalized phishing texts. These services aren't foolproof, but they can make it harder for cybercriminals to find and exploit your information. While no service promises to remove all your data from the internet, having a removal service is great if you want to constantly monitor and automate the process of removing your information from hundreds of sites continuously over a longer period of time. Check out my top picks for data removal services here. Energy-saving Scam Uses Elon Musk's Name – Here's The Truth I've been tracking these smishing scams, and it's clear they're evolving fast, from fake parking fines to bogus toll notifications. With the FBI and cities like New York, San Francisco and others sounding the alarm, I'm stepping up my own security game. As a general rule, if you receive a text from an unknown number or email address that's an out-of-the-blue greeting, asks you to click a link, pay a bill or respond in any way, just block it and report the number. It's better to be safe than sorry when it comes to protecting your personal information. Do you feel that mobile phone providers and tech companies are doing enough to protect users from these types of scams? Let us know by writing us at For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Ask Kurt a question or let us know what stories you'd like us to cover Follow Kurt on his social channels Facebook YouTube Instagram Answers to the most asked CyberGuy questions: What is the best way to protect your Mac, Windows, iPhone and Android devices from getting hacked? What is the best way to stay private, secure and anonymous while browsing the web? How can I get rid of robocalls with apps and data removal services? How do I remove my private data from the internet? New from Kurt: Try CyberGuy's new games (crosswords, word searches, trivia and more!) CyberGuy's Exclusive Coupons and Deals Copyright 2025 All rights article source: FBI warns of dangerous new 'smishing' scam targeting your phone
Fox News
15-03-2025
- Fox News
FBI warns of dangerous new ‘smishing' scam targeting your phone
Smishing is a type of phishing scam that works through text messages. The name comes from a mix of "SMS" and "phishing," since scammers use fake messages to trick people into giving away personal information. It's been around for a while, but lately, it's gotten so bad that even the FBI and several U.S. cities have started warning people. Hackers have set up over 10,000 fake websites to keep these scams going, targeting both iPhone and Android users with texts designed to steal their personal and financial information. Cities across the United States are warning residents about an ongoing mobile phishing campaign in which scammers impersonate parking violation departments. The fraudulent text messages claim recipients have unpaid parking invoices and threaten a $35 daily fine if left unpaid. As reported by cybersecurity publication BleepingComputer, the latest wave of phishing texts has prompted alerts from multiple cities, including Annapolis, Boston, Greenwich, Denver, Detroit, Houston, Milwaukee, Salt Lake City, Charlotte, San Diego and San Francisco. The campaign, which began in December, remains active. The smishing texts claim to be from a government authority and instruct recipients to click a link to pay an alleged overdue fine. "This is a final reminder from the City of New York regarding the unpaid parking invoice. A $35 daily overdue fee will be charged if payment is not made today," one fraudulent message says. The same phishing template has been observed in similar scams targeting residents of other cities. The FBI has also raised concerns about a broader smishing campaign affecting U.S. residents. In a recent alert, the agency warned that scammers have expanded beyond parking fines and are now impersonating road toll collection services. "Since early March 2024, the FBI Internet Crime Complaint Center (IC3) has received over 2,000 complaints reporting smishing texts representing road toll collection services from at least three states," the agency stated. "IC3 complaint information indicates the scam may be moving from state to state." A new report from cybersecurity firm Palo Alto Networks' Unit 42, the company's cybersecurity division specializing in threat intelligence and incident response, has uncovered that these scams are designed to steal sensitive information, including credit card and bank account details. What started as a scheme involving fraudulent toll payment notifications has now expanded to include fake delivery service alerts, tricking users into clicking malicious links. The scam appears to be operated by local cybercriminals using a toolkit developed by Chinese hacking groups. Notably, research from Unit 42 shows that many of the scam's root domains and fully qualified domain names use the Chinese .XIN top-level domain (TLD). 1. Verify before you trust: Treat unsolicited texts with caution. If a message claims to be from a government agency or company, don't click any links or act immediately. Instead, verify the claim by contacting the organization directly using an official phone number or checking their verified website. 2. Avoid clicking suspicious links and use strong antivirus software: Scammers use links to direct you to fake websites that can steal your personal or financial information. Instead of clicking on any link in an unexpected text, manually type the known URL into your browser or search for the organization's official website. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices. 3. Keep your devices secure: Regularly update your devices' operating systems and apps to ensure you have the latest security patches. Consider installing reputable security software that can help detect phishing attempts and warn you about potentially dangerous websites or messages. 4. Use a password manager: A trusted password manager can help protect your sensitive information by automatically filling in credentials only on verified sites. This minimizes the risk of entering details on fraudulent websites and can alert you if a site doesn't match what's expected. Get more details about my best expert-reviewed Password Managers of 2025 here. 5. Report suspicious activity: If you receive a text that seems off, report it immediately to your mobile carrier, local law enforcement or the FBI's Internet Crime Complaint Center (IC3). Reporting helps authorities track down scammers and prevent further attacks. 6. Consider using a personal data removal service: Personal data removal services can help reduce your exposure to smishing attacks by removing your sensitive information — like phone numbers, addresses and email details — from data broker websites. Scammers often rely on these publicly available databases to target victims with personalized phishing texts. These services aren't foolproof, but they can make it harder for cybercriminals to find and exploit your information. While no service promises to remove all your data from the internet, having a removal service is great if you want to constantly monitor and automate the process of removing your information from hundreds of sites continuously over a longer period of time. Check out my top picks for data removal services here. I've been tracking these smishing scams, and it's clear they're evolving fast, from fake parking fines to bogus toll notifications. With the FBI and cities like New York, San Francisco and others sounding the alarm, I'm stepping up my own security game. As a general rule, if you receive a text from an unknown number or email address that's an out-of-the-blue greeting, asks you to click a link, pay a bill or respond in any way, just block it and report the number. It's better to be safe than sorry when it comes to protecting your personal information. Do you feel that mobile phone providers and tech companies are doing enough to protect users from these types of scams? Let us know by writing us at For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Follow Kurt on his social channels Answers to the most asked CyberGuy questions: New from Kurt: Copyright 2025 All rights reserved.
Yahoo
13-03-2025
- Yahoo
What is ‘Smishing' and Why is the FBI Recommending You Delete iPhone and Android Text Messages That Say This
The FBI has issued a public service announcement after widespread reports of 'smishing' texts that scam cell phone users into believing they have unpaid road tolls. The FBI defines "smishing" as 'a social engineering attack using fake text messages to trick people into downloading malware, sharing sensitive information, or sending money to cybercriminals." The term is a combination of SMS (short message service) and phishing. This month marks one year since the FBI Internet Crime Complaint Center (IC3) began seeing an increase in "smishing" complaints about texts claiming to represent road toll collection services from at least three states, the FBI wrote in the PSA. In the last year, the IC3 reports they've received over 2,000 complaints. The road toll collection scam texts claim the recipient carries an "outstanding toll amount" that must be paid immediately to avoid increased charges, the IC3 writes. The link provided in the text message mimics a state's toll service name and tricks recipients into clicking on it. Never miss a story — sign up for to stay up-to-date on the best of what PEOPLE has to offer, from celebrity news to compelling human-interest stories. An example of the text recipients receive reads: '(State Toll Service Name): We've noticed an outstanding toll amount of $12.51 on your record. To avoid a late fee of $50.00, visit to settle your balance.' Palo Alto Networks' Unit 42 explains the scammer's new campaign 'entices users to reveal personal and/or financial information, including credit or debit card and account information.' The Federal Trade Commission (FTC) warns users who receive a text regarding an unpaid toll that 'it's probably a scam' and these scammers are working 'coast to coast.' 'Not only is the scammer trying to steal your money, but if you click the link, they could get your personal info and even steal your identity,' the FTC warns. The text messages follow a similar format relying on urgency within the message, claiming recipients will accrue even higher costs if they don't pay right away. Scammers craft a new domain that provides a link to the payment site, Forbes reported. While Apple iMessage provides a layer of protection from scammers by disabling links from unknown senders, scammers found a way to bypass this by asking users to reply with 'Y' and reopen the message. This action by users enables links to be received from "smishing" texts, according to Unit 42. Related: Brad Pitt's Rep Reminds Fans Actor Does Not Use Social Media After Catfished Fan Was Scammed Out of $800K A trick for users to check whether or not the link is legit is by looking at the domain name that usually includes the Chinese .XIN TLD, Unit 42 advises. This is a toolkit built by Chinese cybercrime groups, Forbes reports. Examples of domains to keep an eye out for include: The IC3 advises recipients of these 'smishing" scam messages to take action by first filing a complaint with them which includes reporting the phone number from the road toll collection service impersonator as well as the website linked in the message. The FBI recommends "smishing" scam recipients to delete all questionable messages they receive. And if recipients happen to click on any links sent or provide their personal information, they should take immediate action to secure personal information, especially financial accounts. Read the original article on People
