Hey, Palo Alto Research - do you think you could drop the Flash ad from your security blog?


Palo Alto ResearchI’m a big fan of the excellent research published by the security research team at Palo Alto Networks.

For instance, they’ve just released some great information about YiSpecter, malware that is infecting iOS devices in China and Taiwan.

You should check it out, and other threat research issued by Palo Alto Networks.

But what galls me is that Palo Alto Networks seems to have taken a feather out of Forbes’s hat, and occasionally spurts up an ad for umpteen seconds before I can read their research. Worse still, the ad is delivered via Adobe Flash.

Now I, like all sensible security-sensitive folks, don’t allow Flash to run by default. There have just been too many instances of Flash being used as a vector for spreading malware, even on legitimate websites.

Instead I use Click-to-Play.

Palo Alto Research flash advert

So, I don’t get to see the ad. Which is nice. But presumably not what the marketing department at Palo Alto Networks wanted.

So, here’s my suggestion to Palo Alto Networks - how about ditching Flash for your ads?

After all, your own security blog has warned about Adobe Flash being exploited many times in the past.

Thanks for listening.

Update: It seems Palo Alto Networks may have listened, and removed the Flash ad. Huzzah!

Tags: , ,

Share this article:

   Join thousands of others and sign up to our free "GCHQ" newsletter.

Smashing Security podcast
Check out "Smashing Security", the award-winning weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"It's brilliant!" • "Three people having fun in an industry often focused on bad news" • Winner of the Best Security Podcast 2018

Latest episodes:
Listen on Apple Podcasts Listen on Google Podcasts

, ,

4 Responses

  1. drsolly

    October 5, 2015 at 6:57 pm #

    They aren’t listening.

    • Jared in reply to drsolly.

      October 6, 2015 at 1:03 am #

      Looks like they’ve already pulled flash from the blogs and support sites!

  2. Simon

    October 6, 2015 at 10:18 am #

    It’s quite funny, it wreaks of ‘do as I say, not what I do’ syndrome :)

  3. David L

    October 6, 2015 at 12:57 pm #

    THANKS GRAHAM!! Every time I have visited Palo Alto, I meant to send them an email about this issue,but then,after reading the research,simply forgot.

    All this malware,adware,and spyware for both ios and android are being discovered more and more these days,because of mobile platforms prevalence. The security outfits focused on mobile have boomed in the last couple years, and its high time Google and Apple take a break from bringing the latest feature,and tighten up the core operating systems.

    Stagefright 2.0 was in the news last week,and now mp3 and mp4 can infect devices, but I knew this week’s ago,because the guys at 360 security blogged about it from the beginning. But there is no word about it being found in the wild,a point I find hard to believe. I think, it HAS been used,but the evidence was cleared after gaining control of devices to use them in botnets, install adware, and steal information from devices. Time will tell,but this year will be the “Year of Mobile Malware” !

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.