No Way to Hide: Uncovering New Campaigns from Daily Tunneling Detection read file error: read notes: is a directory... 2024-10-5 05:0:3 | 阅读: 20 | 收藏 | Unit 42 - unit42.paloaltonetworks.com tunneling rootdom nameserver c2 ns500505

Detecting Vulnerability Scanning Traffic From Underground Tools Using Machine Learning read file error: read notes: is a directory... 2024-10-1 18:0:5 | 阅读: 70 | 收藏 | Unit 42 - unit42.paloaltonetworks.com injection cloud machine malicious security

Unraveling Sparkling Pisces’s Tool Set: KLogEXE and FPSpy read file error: read notes: is a directory... 2024-9-26 18:0:51 | 阅读: 45 | 收藏 | Unit 42 - unit42.paloaltonetworks.com klogexe fpspy sparkling pisces powershell

Investigating Infrastructure and Tactics of Phishing-as-a-Service Platform Sniper Dz read file error: read notes: is a directory... 2024-9-25 05:0:32 | 阅读: 107 | 收藏 | Unit 42 - unit42.paloaltonetworks.com phishing dz sniper proxy phaas

Inside SnipBot: The Latest RomCom Malware Variant Executive SummaryWe recently discovered a novel version of the RomCom malware fami... 2024-9-24 05:0:55 | 阅读: 143 | 收藏 | Unit 42 - unit42.paloaltonetworks.com c2 attacker snipbot download

Discovering Splinter: A First Look at a New Post-Exploitation Red Team Tool Executive SummaryThis article discusses the discovery of a new post-exploitation r... 2024-9-19 18:0:43 | 阅读: 25 | 收藏 | Unit 42 - unit42.paloaltonetworks.com splinter c2 wildfire analysis attacker

Gleaming Pisces Poisoned Python Packages Campaign Delivers PondRAT Linux and MacOS Backdoors Executive SummaryUnit 42 researchers have been tracking the activity of an ongoing... 2024-9-19 05:0:59 | 阅读: 35 | 收藏 | Unit 42 - unit42.paloaltonetworks.com poolrat pondrat gleaming pisces

Phishing Pages Delivered Through Refresh HTTP Response Header Executive SummaryUnit 42 researchers observed many large-scale phishing campaigns... 2024-9-11 18:0:5 | 阅读: 23 | 收藏 | Unit 42 - unit42.paloaltonetworks.com phishing malicious recipient attackers hxxps

Threat Assessment: Repellent Scorpius, Distributors of Cicada3301 Ransomware Executive SummaryRepellent Scorpius is a new ransomware-as-a-service (RaaS) group... 2024-9-10 18:0:8 | 阅读: 62 | 收藏 | Unit 42 - unit42.paloaltonetworks.com ransomware encryptor cicada3301 scorpius repellent

Threat Assessment: North Korean Threat Groups Executive SummaryLazarus has been used in public reporting as an umbrella term for... 2024-9-10 06:0:58 | 阅读: 25 | 收藏 | Unit 42 - unit42.paloaltonetworks.com cortex north pisces korean stage

Chinese APT Abuses VSCode to Target Government in Asia Executive SummaryUnit 42 researchers recently found that Stately Taurus abused the... 2024-9-7 06:0:58 | 阅读: 32 | 收藏 | Unit 42 - unit42.paloaltonetworks.com stately taurus attacker shadowpad cortex

Spoofed GlobalProtect Used to Deliver Unique WikiLoader Variant Executive SummaryThe Unit 42 Managed Threat Hunting team (MTH) identified a varian... 2024-9-2 18:0:38 | 阅读: 25 | 收藏 | Unit 42 - unit42.paloaltonetworks.com wikiloader shellcode security

TLD Tracker: Exploring Newly Released Top-Level Domains Executive SummaryWe investigated 19 new top-level domains (TLDs) released in the p... 2024-8-30 18:0:28 | 阅读: 21 | 收藏 | Unit 42 - unit42.paloaltonetworks.com tlds tld malicious unblockit

The Emerging Dynamics of Deepfake Scam Campaigns on the Web Executive SummaryOur researchers discovered dozens of scam campaigns using deepfak... 2024-8-29 18:0:23 | 阅读: 22 | 收藏 | Unit 42 - unit42.paloaltonetworks.com shop deepfake hxxps mp4 cloud

Bling Libra’s Tactical Evolution: The Threat Actor Group Behind ShinyHunters Ransomware Executive SummaryIn an incident response engagement handled by Unit 42, the threat... 2024-8-23 18:0:21 | 阅读: 23 | 收藏 | Unit 42 - unit42.paloaltonetworks.com cloud buckets winscp cloudtrail security

Autoencoder Is All You Need: Profiling and Detecting Malicious DNS Traffic Executive SummaryTo improve our detection of suspicious network activity, we lever... 2024-8-21 18:0:1 | 阅读: 34 | 收藏 | Unit 42 - unit42.paloaltonetworks.com malicious network ddns c2 autoencoder

Leaked Environment Variables Allow Large-Scale Extortion Operation of Cloud Environments Unit 42 researchers found an extortion campaign's cloud operation that successfull... 2024-8-15 18:0:9 | 阅读: 37 | 收藏 | Unit 42 - unit42.paloaltonetworks.com cloud malicious security attackers victim

Unit 42 Attack Surface Threat Research: Over 23% of Internet-Connected Exposures Involve Critical IT and Security Infrastructure IntroductionOur latest Unit 42 Attack Surface Threat Report explores the attack su... 2024-8-14 21:0:37 | 阅读: 14 | 收藏 | Unit 42 - unit42.paloaltonetworks.com industries security palo exposures

ArtiPACKED: Hacking Giants Through a Race Condition in GitHub Actions Artifacts Executive SummaryThis research reviews an attack vector allowing the compromise of... 2024-8-13 18:0:36 | 阅读: 18 | 收藏 | Unit 42 - unit42.paloaltonetworks.com github artifacts artifact repository malicious

Harnessing LLMs for Automating BOLA Detection Executive SummaryThis post presents our research on a methodology we call BOLABust... 2024-8-13 04:0:54 | 阅读: 59 | 收藏 | Unit 42 - unit42.paloaltonetworks.com bola bolabuster pve bolas