Unit 42 - Latest Cyber Security Research

A conceptual image representing malware, such as the BazarLoader windows-based malware discussed here.

7,171

people reacted

Case Study: From BazarLoader to Network Reconnaissance

By Brad Duncan
October 18, 2021 at 6:00 AM

7 min. read

A conceptual image representing alerts on vulnerabilities and exploits, such as the monitoring that revealed exploit attempts that traced to malicious use of the Interactsh tool.

8,357

people reacted

Attackers Are Taking Advantage of the Open-Source Service Interactsh for Malicious Purposes

By Yue Guan, Jin Chen, Leo Olson, Wayne Xin and Daiping Liu
October 14, 2021 at 6:00 AM

7 min. read

An image representing an adversary, such as the threat actors discussed in this overview of SilverTerrier, the name we use to track Nigerian business email compromise.

11,643

people reacted

SilverTerrier – Nigerian Business Email Compromise

By Peter Renals
October 7, 2021 at 6:00 AM

19 min. read

A conceptual image representing Wireshark Tutorials.

22,839

people reacted

Wireshark Tutorial: Wireshark Workshop Videos Now Available

By Brad Duncan
October 1, 2021 at 6:00 AM

2 min. read

A conceptual image representing malicious email, such as that used for credential harvesting as part of scams such as business email compromise.

14,096

people reacted

Credential Harvesting at Scale Without Malware

By Brady Stout
September 30, 2021 at 3:00 PM

8 min. read

A conceptual image representing trends, such as those covered in our post on network security trends from May-July 2021.

17,864

people reacted

Network Security Trends: May-July 2021

By Yue Guan and Lei Xu
September 17, 2021 at 3:00 PM

9 min. read

A conceptual image associated with the threat brief series, such as this post covering recent OMI vulnerabilities and how to remediate.

16,639

people reacted

Threat Brief: OMI Vulnerabilities (CVE-2021-38645, CVE-2021-38647, CVE-2021-38648 and CVE-2021-38649)

By Nathaniel Quist
September 16, 2021 at 12:00 PM

2 min. read

A conceptual image representing exploitation of DNS, such as an often overlooked issue discussed in this blog, dangling domains, which can be exploited for DNS hijacking.

16,292

people reacted

Dangling Domains: Security Threats, Detection and Prevalence

By Daiping Liu and Ruian Duan
September 16, 2021 at 6:00 AM

12 min. read

A conceptual image representing the COVID-19 pandemic and cybercrime – this blog discusses how threat actors are poised to take advantage of one of the aspects of the slowing spread of the virus: attacking a renewed travel industry with travel-themed phishing campaigns.

17,203

people reacted

Phishing Eager Travelers

By Anna Chung and Swetha Balla
September 15, 2021 at 6:00 AM

9 min. read

A conceptual image representing phishing, such as the JavaScript-based phishing discussed here.

17,286

people reacted

PhishingJS: A Deep Learning Model for JavaScript-Based Phishing Detection

By Lucas Hu
September 10, 2021 at 6:00 AM

7 min. read

A conceptual image illustrating vulnerabilities related to containers and Kubernetes, such as Azurescape, the cross-account container takeover in Azure Container Instances discussed here.

57,892

people reacted

Finding Azurescape – Cross-Account Container Takeover in Azure Container Instances

By Yuval Avrahami
September 9, 2021 at 3:00 AM

14 min. read

A conceptual image representing vulnerabilities, such as CVE-2021-26084, discussed here.

23,294

people reacted

Threat Brief: CVE-2021-26084

By Unit 42
September 3, 2021 at 12:20 PM

2 min. read

A conceptual image representing malware, such as the malware discussed here, designed to evade classifiers through benign append attacks.

20,210

people reacted

The Innocent Until Proven Guilty Learning Framework Helps Overcome Benign Append Attacks

By Brody Kutt, Oleksii Starov and Billy Hewlett
September 1, 2021 at 3:00 PM

11 min. read

A conceptual image representing issues with DNS, such as the DNS rebinding discussed here.

25,689

people reacted

DNS Rebinding Attack: How Malicious Websites Exploit Private Networks

By Zhanhao Chen
August 31, 2021 at 6:00 AM

13 min. read

A conceptual image representing a vulnerability, such as CVE-2021-32305, discussed in this post.

23,582

people reacted

New Mirai Variant Targets WebSVN Command Injection Vulnerability (CVE-2021-32305)

By Brock Mammen and Haozhe Zhang
August 30, 2021 at 6:00 AM

5 min. read

Highlights From the Unit 42 Cloud Threat Report, 2H 2021

Case Study: From BazarLoader to Network Reconnaissance

Cloud Threats: Original Research and In-Depth Analysis

Don't Panic!: The Unit 42 Podcast

Case Study: From BazarLoader to Network Reconnaissance

Attackers Are Taking Advantage of the Open-Source Service Interactsh for Malicious Purposes

SilverTerrier – Nigerian Business Email Compromise

Wireshark Tutorial: Wireshark Workshop Videos Now Available

Credential Harvesting at Scale Without Malware

Network Security Trends: May-July 2021

Threat Brief: OMI Vulnerabilities (CVE-2021-38645, CVE-2021-38647, CVE-2021-38648 and CVE-2021-38649)

Dangling Domains: Security Threats, Detection and Prevalence

Phishing Eager Travelers

PhishingJS: A Deep Learning Model for JavaScript-Based Phishing Detection

Finding Azurescape – Cross-Account Container Takeover in Azure Container Instances

Threat Brief: CVE-2021-26084

The Innocent Until Proven Guilty Learning Framework Helps Overcome Benign Append Attacks

DNS Rebinding Attack: How Malicious Websites Exploit Private Networks

New Mirai Variant Targets WebSVN Command Injection Vulnerability (CVE-2021-32305)

Popular Resources

Legal Notices

Account

Get updates on Unit 42

Trending

Popular Resources

Legal Notices

Account