Discovering Splinter: A First Look at a New Post-Exploitation Red Team Tool Executive SummaryThis article discusses the discovery of a new post-exploitation r... 2024-9-19 18:0:43 | 阅读: 16 | 收藏 | Unit 42 - unit42.paloaltonetworks.com splinter c2 wildfire analysis attacker

Gleaming Pisces Poisoned Python Packages Campaign Delivers PondRAT Linux and MacOS Backdoors Executive SummaryUnit 42 researchers have been tracking the activity of an ongoing... 2024-9-19 05:0:59 | 阅读: 22 | 收藏 | Unit 42 - unit42.paloaltonetworks.com poolrat pondrat gleaming pisces

Phishing Pages Delivered Through Refresh HTTP Response Header Executive SummaryUnit 42 researchers observed many large-scale phishing campaigns... 2024-9-11 18:0:5 | 阅读: 12 | 收藏 | Unit 42 - unit42.paloaltonetworks.com phishing malicious recipient attackers hxxps

Threat Assessment: Repellent Scorpius, Distributors of Cicada3301 Ransomware Executive SummaryRepellent Scorpius is a new ransomware-as-a-service (RaaS) group... 2024-9-10 18:0:8 | 阅读: 52 | 收藏 | Unit 42 - unit42.paloaltonetworks.com ransomware encryptor cicada3301 scorpius repellent

Threat Assessment: North Korean Threat Groups Executive SummaryLazarus has been used in public reporting as an umbrella term for... 2024-9-10 06:0:58 | 阅读: 10 | 收藏 | Unit 42 - unit42.paloaltonetworks.com cortex north pisces korean stage

Chinese APT Abuses VSCode to Target Government in Asia Executive SummaryUnit 42 researchers recently found that Stately Taurus abused the... 2024-9-7 06:0:58 | 阅读: 20 | 收藏 | Unit 42 - unit42.paloaltonetworks.com stately taurus attacker shadowpad cortex

Spoofed GlobalProtect Used to Deliver Unique WikiLoader Variant Executive SummaryThe Unit 42 Managed Threat Hunting team (MTH) identified a varian... 2024-9-2 18:0:38 | 阅读: 14 | 收藏 | Unit 42 - unit42.paloaltonetworks.com wikiloader shellcode security

TLD Tracker: Exploring Newly Released Top-Level Domains Executive SummaryWe investigated 19 new top-level domains (TLDs) released in the p... 2024-8-30 18:0:28 | 阅读: 7 | 收藏 | Unit 42 - unit42.paloaltonetworks.com tlds tld malicious unblockit

The Emerging Dynamics of Deepfake Scam Campaigns on the Web Executive SummaryOur researchers discovered dozens of scam campaigns using deepfak... 2024-8-29 18:0:23 | 阅读: 10 | 收藏 | Unit 42 - unit42.paloaltonetworks.com shop deepfake hxxps mp4 cloud

Bling Libra’s Tactical Evolution: The Threat Actor Group Behind ShinyHunters Ransomware Executive SummaryIn an incident response engagement handled by Unit 42, the threat... 2024-8-23 18:0:21 | 阅读: 11 | 收藏 | Unit 42 - unit42.paloaltonetworks.com cloud buckets winscp cloudtrail security

Autoencoder Is All You Need: Profiling and Detecting Malicious DNS Traffic Executive SummaryTo improve our detection of suspicious network activity, we lever... 2024-8-21 18:0:1 | 阅读: 22 | 收藏 | Unit 42 - unit42.paloaltonetworks.com malicious network ddns c2 autoencoder

Leaked Environment Variables Allow Large-Scale Extortion Operation of Cloud Environments Unit 42 researchers found an extortion campaign's cloud operation that successfull... 2024-8-15 18:0:9 | 阅读: 27 | 收藏 | Unit 42 - unit42.paloaltonetworks.com cloud malicious security attackers victim

Unit 42 Attack Surface Threat Research: Over 23% of Internet-Connected Exposures Involve Critical IT and Security Infrastructure IntroductionOur latest Unit 42 Attack Surface Threat Report explores the attack su... 2024-8-14 21:0:37 | 阅读: 5 | 收藏 | Unit 42 - unit42.paloaltonetworks.com industries security palo exposures

ArtiPACKED: Hacking Giants Through a Race Condition in GitHub Actions Artifacts Executive SummaryThis research reviews an attack vector allowing the compromise of... 2024-8-13 18:0:36 | 阅读: 7 | 收藏 | Unit 42 - unit42.paloaltonetworks.com github artifacts artifact repository malicious

Harnessing LLMs for Automating BOLA Detection Executive SummaryThis post presents our research on a methodology we call BOLABust... 2024-8-13 04:0:54 | 阅读: 13 | 收藏 | Unit 42 - unit42.paloaltonetworks.com bola bolabuster pve bolas

Fighting Ursa Luring Targets With Car for Sale This post is also available in: 日本語 (Japanese)Executive SummaryA Russian thre... 2024-8-2 18:0:45 | 阅读: 1 | 收藏 | Unit 42 - unit42.paloaltonetworks.com ursa fighting webhook sale malicious

Identifying a BOLA Vulnerability in Harbor, a Cloud-Native Container Registry Executive SummaryIn a recent audit of open-source web applications, threat researc... 2024-8-1 03:0:54 | 阅读: 11 | 收藏 | Unit 42 - unit42.paloaltonetworks.com harbor bola maintainer

Scam Attacks Taking Advantage of the Popularity of the Generative AI Wave This post is also available in: 日本語 (Japanese)Executive SummaryIn this post,... 2024-7-26 18:0:11 | 阅读: 11 | 收藏 | Unit 42 - unit42.paloaltonetworks.com genai chatgpt gemini network gpt

AI Tool Identifies BOLA Vulnerabilities in Easy!Appointments This post is also available in: 日本語 (Japanese)Executive SummaryPalo Alto Netw... 2024-7-25 18:0:55 | 阅读: 6 | 收藏 | Unit 42 - unit42.paloaltonetworks.com bola privileged appointment

Accelerating Analysis When It Matters Executive SummaryIn this post, we share information about how security professiona... 2024-7-24 18:0:0 | 阅读: 11 | 收藏 | Unit 42 - unit42.paloaltonetworks.com stealer analysis c2 pw mce