Standardizing Cloud Security with CSA STAR Certification

Standardizing Cloud Security with CSA STAR Certification

In early 2014 Dropbox joined the Cloud Security Alliance (CSA). Working with the CSA is an important part of Dropbox’s commitment to security and transparency. In June of 2014 Dropbox achieved Level 1 Certification through STAR, the CSA’s publicly available registry, which documents how Dropbox’s security practices measure up to industry-accepted standards and the CSA’s [...]

Let It Ride: The Sofacy Group’s DealersChoice Attacks Continue

Let It Ride: The Sofacy Group’s DealersChoice Attacks Continue

Recently, Palo Alto Networks Unit 42 reported on a new exploitation platform that we called “DealersChoice” in use by the Sofacy group (AKA APT28, Fancy Bear, STRONTIUM, Pawn Storm, Sednit).  As outlined in our original posting, the DealersChoice exploitation platform generates malicious RTF documents which in turn use embedded OLE Word documents. These embedded OLE [...]

2017 Cybersecurity Predictions: Service Providers Confront IoT Security

2017 Cybersecurity Predictions: Service Providers Confront IoT Security

This post is part of an ongoing blog series examining “Sure Things” (predictions that are almost guaranteed to happen) and “Long Shots” (predictions that are less likely to happen) in cybersecurity in 2017.  Based on the trends we are seeing within the mobile industry, here are some predictions for 2017: Sure Thing: Cyberattackers will target [...]