Coveo

A conceptual image representing malware, including PlugX

1,653

people reacted

Chinese PlugX Malware Hidden in Your USB Devices?

By Mike Harbison and Jen Miller-Osborn
January 26, 2023 at 6:00 AM

12 min. read

A pictorial representation of network attack trends such as CVE-2021-35394 featuring a stylized bug on IoT-related products. The Palo Alto Networks and Unit 42 logos are included.

7,096

people reacted

Realtek SDK Vulnerability Attacks Highlight IoT Supply Chain Threats

By Yiheng An, Chao Lei, Adam Robbie, Aveek Das, Zhibin Zhang and Shehroze Farooqi
January 24, 2023 at 6:00 AM

8 min. read

The text Wireshark Quiz in orange set across a screenshot of the Wireshark program.

3,619

people reacted

Answers to Unit 42 Wireshark Quiz, January 2023

By Brad Duncan
January 23, 2023 at 6:00 AM

6 min. read

8,769

people reacted

Unit 42 Wireshark Quiz, January 2023

By Brad Duncan
January 20, 2023 at 6:00 AM

4 min. read

A pictorial representation of a security vulnerability. It shows a checkmark on a shield within a crystal ball.

12,263

people reacted

Network Security Trends: August-October 2022

By Yiheng An
January 12, 2023 at 6:00 AM

11 min. read

A pictorial representation of the JsonWebToken vulnerability.

75,289

people reacted

Disclosing a New Vulnerability in JWT Secret Poisoning (CVE-2022-23529)

By Artur Oleyarsh
January 9, 2023 at 6:00 AM

7 min. read

A pictorial representation of PurpleUrchin and cryptomining. Included are the Palo Alto Networks and Unit 42 logos.

24,013

people reacted

PurpleUrchin Bypasses CAPTCHA and Steals Cloud Platform Resources

By William Gamazo and Nathaniel Quist
January 5, 2023 at 6:00 AM

10 min. read

A pictorial depiction of a sandbox evasion

26,856

people reacted

Navigating the Vast Ocean of Sandbox Evasions

By Esmid Idrizovic, Bob Jung, Daniel Raygoza and Sean Hughes
December 27, 2022 at 6:00 AM

13 min. read

A pictorial representation of the ProxyNotShell bypass threat brief

35,731

people reacted

Threat Brief: OWASSRF Vulnerability Exploitation

By Robert Falcone and Lior Rochberger
December 22, 2022 at 5:30 PM

9 min. read

A pictorial representation of a meddler-in-the-middle phishing attack

33,499

people reacted

Meddler-in-the-Middle Phishing Attacks Explained

By Lucas Hu, Howard Tong, Suiqiang Deng and Alex Starov
December 21, 2022 at 6:00 AM

10 min. read

A pictorial representation of Trident Ursa showing a purple bear and trident

49,220

people reacted

Russia’s Trident Ursa (aka Gamaredon APT) Cyber Conflict Operations Unwavering Since Invasion of Ukraine

By Unit 42
December 20, 2022 at 3:00 AM

15 min. read

A pictorial representation of many storage containers stacked together

34,141

people reacted

Digging Inside Azure Functions: HyperV Is the Last Line of Defense

By Daniel Prizmant and Aviv Sasson
December 15, 2022 at 6:00 AM

10 min. read

An illustrative example of Kerberos attacks using golden, diamond, or sapphire tickets

44,520

people reacted

Precious Gemstones: The New Generation of Kerberos Attacks

By Oz Soprin and Shachar Roitman
December 12, 2022 at 6:00 AM

14 min. read

A pictorial representation of a cloud breach

44,465

people reacted

Compromised Cloud Compute Credentials: Case Studies From the Wild

By Dror Alon
December 8, 2022 at 3:00 PM

9 min. read

Image showing illustrative example of ransomware like Vice Society with a hand offering money to a second hand holding a key with a computer screen showing a virus image on it

53,051

people reacted

Vice Society: Profiling a Persistent Threat to the Education Sector

By JR Gumarin
December 6, 2022 at 3:00 AM

13 min. read

Chinese Playful Taurus Activity in Iran

Chinese PlugX Malware Hidden in Your USB Devices?

Cloud Threats: Original Research and In-Depth Analysis

Don't Panic!: The Unit 42 Podcast

Chinese PlugX Malware Hidden in Your USB Devices?

Realtek SDK Vulnerability Attacks Highlight IoT Supply Chain Threats

Answers to Unit 42 Wireshark Quiz, January 2023

Unit 42 Wireshark Quiz, January 2023

Network Security Trends: August-October 2022

Disclosing a New Vulnerability in JWT Secret Poisoning (CVE-2022-23529)

PurpleUrchin Bypasses CAPTCHA and Steals Cloud Platform Resources

Navigating the Vast Ocean of Sandbox Evasions

Threat Brief: OWASSRF Vulnerability Exploitation

Meddler-in-the-Middle Phishing Attacks Explained

Russia’s Trident Ursa (aka Gamaredon APT) Cyber Conflict Operations Unwavering Since Invasion of Ukraine

Digging Inside Azure Functions: HyperV Is the Last Line of Defense

Precious Gemstones: The New Generation of Kerberos Attacks

Compromised Cloud Compute Credentials: Case Studies From the Wild

Vice Society: Profiling a Persistent Threat to the Education Sector

Popular Resources

Legal Notices

Account

Get updates from Unit 42

Trending

Popular Resources

Legal Notices

Account