Unit 42 - Latest Cyber Security Research

A conceptual image representing container security, including FabricScape, the container escape vulnerability discussed here.

15,766

people reacted

FabricScape: Escaping Service Fabric and Taking Over the Cluster

By Aviv Sasson
June 28, 2022 at 4:30 PM

10 min. read

16,936

people reacted

There Is More Than One Way to Sleep: Dive Deep Into the Implementations of API Hammering by Various Malware Families

By Mark Lim and Riley Porter
June 24, 2022 at 6:00 AM

5 min. read

Conceptual illustration showing malicious files

24,123

people reacted

Why Are My Junctions Not Followed? Exploring Windows Redirection Trust Mitigation

By Gal De Leon
June 14, 2022 at 3:00 PM

5 min. read

34,627

people reacted

GALLIUM Expands Targeting Across Telecommunications, Government and Finance Sectors With New PingPull Tool

By Unit 42
June 13, 2022 at 3:00 AM

10 min. read

A conceptual image representing ransomware, including HelloXD.

28,514

people reacted

Exposing HelloXD Ransomware and x4k

By Daniel Bunce and Doel Santos
June 10, 2022 at 6:00 PM

15 min. read

A conceptual image representing ransomware, such as LockBit 2.0, discussed here.

27,687

people reacted

LockBit 2.0: How This RaaS Operates and How to Protect Against It

By Amer Elsad, JR Gumarin and Abigail Barr
June 9, 2022 at 6:00 AM

16 min. read

Threat Brief image, representing brief analyses of vulnerabilities such as CVE-2022-26134

28,412

people reacted

Threat Brief: Atlassian Confluence Remote Code Execution Vulnerability (CVE-2022-26134) (Updated)

By Abhishek Anbazhagan, Shawn Westfall, Josh Grunzweig, Daniela Shalev and Eli Barr
June 3, 2022 at 5:00 PM

5 min. read

A conceptual image representing the REvil threat actors discussed in the post.

88,898

people reacted

Understanding REvil: REvil Threat Actors May Have Returned (Updated)

By Doel Santos and John Martineau
June 3, 2022 at 1:00 PM

12 min. read

A conceptual image representing malware, such as Popping Eagle.

28,739

people reacted

Popping Eagle: How We Leveraged Global Analytics to Discover a Sophisticated Threat Actor

By Yuval Zan and Chen Evgi
June 2, 2022 at 3:00 PM

12 min. read

An image representing threat briefs, such as the one covering CVE-2022-30190

40,304

people reacted

Threat Brief: CVE-2022-30190 – MSDT Code Execution Vulnerability

By Shawn Westfall
May 31, 2022 at 2:45 PM

4 min. read

22,106

people reacted

Network Security Trends: November 2021 to January 2022

By Yue Guan
May 31, 2022 at 12:00 PM

10 min. read

A conceptual image representing a cyber adversary, such as the BEC SilverTerrier threat actor recently arrested as part of Operation Delilah.

31,295

people reacted

Operation Delilah: Unit 42 Helps INTERPOL Identify Nigerian Business Email Compromise Actor

By Unit 42
May 25, 2022 at 6:25 AM

5 min. read

Threat brief standard image, in this case used for a threat brief on CVE-2022-22954 and other VMware vulnerabilities.

34,594

people reacted

Threat Brief: VMware Vulnerabilities Exploited in the Wild (CVE-2022-22954 and Others)

By Ruchna Nigam
May 20, 2022 at 6:00 AM

5 min. read

A conceptual image representing targeted attacks, including the XLL Files and Dridex infection chain discussed here.

34,498

people reacted

Weaponization of Excel Add-Ins Part 2: Dridex Infection Chain Case Studies

By Saqib Khanzada
May 19, 2022 at 12:00 PM

8 min. read

A conceptual image representing phishing - one of the primary delivery methods for Emotet malware, covered here.

34,716

people reacted

Emotet Summary: November 2021 Through January 2022

By Brad Duncan
May 17, 2022 at 6:00 AM

13 min. read

Russia’s Gamaredon aka Primitive Bear APT Group Actively Targeting Ukraine (Updated June 22)

FabricScape: Escaping Service Fabric and Taking Over the Cluster

Cloud Threats: Original Research and In-Depth Analysis

Don't Panic!: The Unit 42 Podcast

FabricScape: Escaping Service Fabric and Taking Over the Cluster

There Is More Than One Way to Sleep: Dive Deep Into the Implementations of API Hammering by Various Malware Families

Why Are My Junctions Not Followed? Exploring Windows Redirection Trust Mitigation

GALLIUM Expands Targeting Across Telecommunications, Government and Finance Sectors With New PingPull Tool

Exposing HelloXD Ransomware and x4k

LockBit 2.0: How This RaaS Operates and How to Protect Against It

Threat Brief: Atlassian Confluence Remote Code Execution Vulnerability (CVE-2022-26134) (Updated)

Understanding REvil: REvil Threat Actors May Have Returned (Updated)

Popping Eagle: How We Leveraged Global Analytics to Discover a Sophisticated Threat Actor

Threat Brief: CVE-2022-30190 – MSDT Code Execution Vulnerability

Network Security Trends: November 2021 to January 2022

Operation Delilah: Unit 42 Helps INTERPOL Identify Nigerian Business Email Compromise Actor

Threat Brief: VMware Vulnerabilities Exploited in the Wild (CVE-2022-22954 and Others)

Weaponization of Excel Add-Ins Part 2: Dridex Infection Chain Case Studies

Emotet Summary: November 2021 Through January 2022

Popular Resources

Legal Notices

Account

Get updates from Unit 42

Trending

Popular Resources

Legal Notices

Account