Unit 42 - Latest Cyber Security Research

3,525

people reacted

Are Your Nagios XI Servers Turning Into Cryptocurrency Miners for Attackers?

By Haozhe Zhang, Vaibhav Singhal, Zhibin Zhang and Qi Deng
April 15, 2021 at 11:44 AM

6 min. read

A conceptual image representing espionage, such as the attempted (but unsuccessful) credential harvesting discussed here.

4,198

people reacted

Actor Exploits Microsoft Exchange Server Vulnerabilities, Cortex XDR Blocks Harvesting of Credentials

By Robert Falcone
April 15, 2021 at 6:00 AM

8 min. read

A conceptual image representing container security, such as that affected by CVE-2021-20291, discussed in this post

5,084

people reacted

New Vulnerability Affecting Container Engines CRI-O and Podman (CVE-2021-20291)

By Aviv Sasson
April 14, 2021 at 6:00 AM

4 min. read

A conceptual image representing ransomware, such as the Clop ransomware family discussed in this threat assessment.

5,418

people reacted

Threat Assessment: Clop Ransomware

By Doel Santos
April 13, 2021 at 8:00 AM

6 min. read

5,419

people reacted

Winter 2020 Network Attack Trends: Internet of Threats

By Lei Xu, Yue Guan and Vaibhav Singhal
April 12, 2021 at 10:37 AM

8 min. read

A conceptual image representing the concept of malware, such as that covered in this case study of Emotet Command and Control traffic.

8,891

people reacted

Emotet Command and Control Case Study

By Chris Navarrete and Yanhui Jia
April 9, 2021 at 12:00 PM

9 min. read

7,485

people reacted

Attackers Conducting Cryptojacking Operation Against U.S. Education Organizations

By Ken Hsu, Vaibhav Singhal and Zhibin Zhang
April 8, 2021 at 12:29 PM

5 min. read

The word "Tutorial," superimposed over an image used in the Wireshark Tutorial series.

9,783

people reacted

Wireshark Tutorial: Examining Traffic from Hancitor Infections

By Brad Duncan
April 7, 2021 at 6:00 AM

20 min. read

Conceptual image representing 2020 phishing trends with PDF files

13,345

people reacted

2020 Phishing Trends With PDF Files

By Ashkan Hosseini and Ashutosh Chitwadgi
April 5, 2021 at 6:00 PM

19 min. read

Malicious email, as depicted here, can be the starting point of a chain of events related to Hancitor infections, which have recently been observed distributing Cobalt Strike and using a noisy network ping tool.

14,815

people reacted

Hancitor’s Use of Cobalt Strike and a Noisy Network Ping Tool

By Brad Duncan
April 1, 2021 at 12:00 PM

11 min. read

23,357

people reacted

Wireshark Tutorial: Decrypting RDP Traffic

By Brad Duncan and Vijay Prakash
April 1, 2021 at 6:00 AM

10 min. read

A conceptual image designed to accompany the Unit 42 threat asessment of the Matrix ransomware family

13,768

people reacted

Threat Assessment: Matrix Ransomware

By Unit 42
March 26, 2021 at 1:30 PM

4 min. read

This conceptual image represents containers. Container images are a simple way to distribute software – and that can include the malicious cryptojacking images discussed here.

19,579

people reacted

20 Million Miners: Finding Malicious Cryptojacking Images in Docker Hub

By Aviv Sasson
March 26, 2021 at 6:00 AM

5 min. read

Conceptual image representing COVID-19 themed phishing attacks

17,561

people reacted

Fake Websites Used in COVID-19 Themed Phishing Attacks, Impersonating Brands Like Pfizer and BioNTech

By Lucas Hu
March 24, 2021 at 3:00 AM

13 min. read

Conceptual image illustrating vulnerabilities, such as the 15 new vulnerabilities across Microsoft, Adobe and Apple products discussed here.

15,991

people reacted

Unit 42 Discovers 15 New Vulnerabilities Across Microsoft, Adobe and Apple Products

By Bo Qu
March 19, 2021 at 10:30 AM

2 min. read

Highlights from the Unit 42 Cloud Threat Report, 1H 2021

Are Your Nagios XI Servers Turning Into Cryptocurrency Miners for Attackers?

Cloud Threats: Original Research and In-Depth Analysis

Don't Panic!: The Unit 42 Podcast

Are Your Nagios XI Servers Turning Into Cryptocurrency Miners for Attackers?

Actor Exploits Microsoft Exchange Server Vulnerabilities, Cortex XDR Blocks Harvesting of Credentials

New Vulnerability Affecting Container Engines CRI-O and Podman (CVE-2021-20291)

Threat Assessment: Clop Ransomware

Winter 2020 Network Attack Trends: Internet of Threats

Emotet Command and Control Case Study

Attackers Conducting Cryptojacking Operation Against U.S. Education Organizations

Wireshark Tutorial: Examining Traffic from Hancitor Infections

2020 Phishing Trends With PDF Files

Hancitor’s Use of Cobalt Strike and a Noisy Network Ping Tool

Wireshark Tutorial: Decrypting RDP Traffic

Threat Assessment: Matrix Ransomware

20 Million Miners: Finding Malicious Cryptojacking Images in Docker Hub

Fake Websites Used in COVID-19 Themed Phishing Attacks, Impersonating Brands Like Pfizer and BioNTech

Unit 42 Discovers 15 New Vulnerabilities Across Microsoft, Adobe and Apple Products

Popular Resources

Legal Notices

Account

Get updates on Unit 42

Trending

Popular Resources

Legal Notices

Account