Right arrow
Pictorial representation of vulnerabilities such as CVE-2024-0012 and CVE-2024-9474. A panoramic nighttime view of city skyline with illuminated high-rise buildings and vibrant lights.
category iconHigh Profile Threats

Threat Brief: Operation Lunar Peek, Activity Related to CVE-2024-0012 and CVE-2024-9474 (Updated Nov. 19)
Pictorial representation of a threat like BlackSuit ransomware. An illustration of a modern workspace with a laptop displaying cybersecurity icons, surrounded by stacks of coins and a credit card, all depicted in a neon, digital art style.
category iconHigh Profile Threats

Threat Assessment: Ignoble Scorpius, Distributors of BlackSuit Ransomware
Pictorial representation of FrostyGoop malware. Close-up view of a digital screen displaying a pixelated, abstract image, possibly representing a face.
category iconThreat Research

FrostyGoop’s Zoom-In: A Closer Look into the Malware Artifacts, Behaviors and Network Communications

Access the latest threat research

View all research Right Arrow
A pictorial representation of a campaign like BeaverTail. Digital globe with interconnected network lines and data streams on a futuristic interface, symbolizing global connectivity and information technology advancements.
category iconBusiness Email Compromise

Fake North Korean IT Worker Linked to BeaverTail Video Conference App Phishing Attack
Read now
Pictorial representation of global companies paying North Korean IT workers. Abstract digital world map with interconnected lines and dots, depicting global data and network connections, highlighted in blue and red colors.
category iconCybercrime

Global Companies Are Unknowingly Paying North Koreans: Here’s How to Catch Them
Read now
Pictorial representation of vulnerabilities in Vertex AI. A Black woman wearing glasses, looking intently at colorful computer code projected on a screen, highlighting a focus on technology and coding.
category iconCloud Cybersecurity Research

ModeLeak: Privilege Escalation to LLM Model Exfiltration in Vertex AI
Read now

Understand high profile cyberthreats and vulnerabilities

View high profile threats Right Arrow
Pictorial representation of Lynx ransomware. A digital illustration of glowing chains with broken links, set against a background of binary code in blue and red.
category iconRansomware

Lynx Ransomware: A Rebranding of INC Ransomware
Read now
A pictorial representation of Cicada3301 ransomware. Digital rendering of a transparent padlock superimposed with programming code and placed on a network of connected databases, symbolizing cybersecurity and data protection.
category iconRansomware

Threat Assessment: Repellent Scorpius, Distributors of Cicada3301 Ransomware
Read now
Illustrative image featuring two fish and the Pisces constellation superimposed on a stylized, abstract background with flowing purple waves and a starry night sky.
category iconMalware

Threat Assessment: North Korean Threat Groups
Read now
Abstract illustration of a network sppread like a spiderweb, connecting covering the globe and symbolizing data or communication links.
category iconVulnerabilities

Threat Brief: CVE-2024-6387 OpenSSH RegreSSHion Vulnerability
Read now
A digital illustration of a world map focused on Europe and parts of Asia, highlighted with glowing connections and nodes representing global connectivity.
category iconVulnerabilities

Threat Brief: Operation MidnightEclipse, Post-Exploitation Activity Related to CVE-2024-3400 (Updated May 20)
Read now
Futuristic illustration with glowing neon lights and advanced technology motifs, depicting cloud computing and data flow through interconnected networks. The scene is highlighted by hovering digital clouds and dynamic, illuminated linear structures, set in a dramatic, blue and orange color scheme.
category iconCloud Cybersecurity Research

Muddled Libra’s Evolution to the Cloud
Read now

Watch, listen and learn about cybersecurity topics

View All Right Arrow

Follow the activities of threat actor groups tracked by Unit 42

All threat actor posts Right Arrow
A pictorial representation of a campaign like BeaverTail. Digital globe with interconnected network lines and data streams on a futuristic interface, symbolizing global connectivity and information technology advancements.
category iconBusiness Email Compromise

Fake North Korean IT Worker Linked to BeaverTail Video Conference App Phishing Attack
Read now
A pictorial represntation of cybercrime like Silent Skimmer. A glowing red padlock on a wet surface with red particles floating in a misty, dark blue background.
category iconCybercrime

Silent Skimmer Gets Loud (Again)
Read now
A representation of a threat group like Jumpy Pisces. Illustrative image featuring two fish and the Pisces constellation superimposed on a stylized, abstract background with flowing purple waves and a starry night sky.
category iconRansomware

Jumpy Pisces Engages in Play Ransomware
Read now
Pictorial representation of a campaign like Contagious Interview. Digital graphic of a glowing globe with network connections and data streams, symbolizing global connectivity and technology advancements.
category iconMalware

Contagious Interview: DPRK Threat Actors Lure Tech Industry Job Seekers to Install New Variants of BeaverTail and InvisibleFerret Malware
Read now
Pictorial representation of keylogger malware like KLogEXE and FPSpy. Person working on a laptop with lines of code displayed on the screen, with a blurred effect indicating motion or activity, surrounded by a vivid blue and red lighting.
category iconMalware

Unraveling Sparkling Pisces’s Tool Set: KLogEXE and FPSpy
Read now
Pictorial representation of APT groups from North Korea. The silhouette of two fish and the Pisces constellation inside an orange abstract planet, surrounded by two larger blue fish. Abstract, stylized cosmic setting with vibrant blue and purple shapes, representing space and distant planetary bodies.
category iconMalware

Gleaming Pisces Poisoned Python Packages Campaign Delivers PondRAT Linux and MacOS Backdoors
Read now

Explore in-depth cybersecurity trend reports

View All Right Arrow
Report

Updated: 2024 Unit 42 Incident Response Report

Access our survey of incident data from more than 250 organizations and 600 incidents, updated for summer 2024. You’ll better understand the threats you face, including:

Initial access

  • Attackers exploited software vulnerabilities to gain access 36% more often in 2023 than previous years… and that trend is continuing in 2024.

Data theft tactics

  • In 93% of incidents Unit 42 responded to, threat actors took data indiscriminately rather than searching for specific data.

Plus updated spotlights on attackers, artificial intelligence, predictions (and how we’re doing against them), and more.

 

Get the report
Cover of the 2024 Unit 42 Incident Response Report
A pictorial representation of AI threats. Looking over the shoulder of a man in the cockpit of a vessel in space, the window looks out on an Earth-like planet.
category iconSecurity Technology

Unit 42 Looks Toward the Threat Frontier: Preparing for Emerging AI Risks
Read now
Pictorial representation of attack surface management. Close-up of a person wearing glasses with computer code reflections on the lenses.
category iconSecurity Technology

Unit 42 Attack Surface Threat Research: Over 23% of Internet-Connected Exposures Involve Critical IT and Security Infrastructure
Read now
Pictorial representation of ransomware activity in the first half of 2024. A digitial illustration of a lock made up of nodes glowing against a background of bokeh points.
category iconRansomware

Ransomware Review: First Half of 2024
Read now
category iconCloud Cybersecurity Research

Attack Paths Into VMs in the Cloud
Read now

Default Heading

Read the article Right Arrow