Unit 42 - Latest Cyber Security Research

A pictorial representation of threat actor Volt Typhoon

53,814

people reacted

Threat Brief: Attacks on Critical Infrastructure Attributed to Insidious Taurus (Volt Typhoon)

By Unit 42
February 14, 2024 at 2:30 PM

9 min. read

A pictorial representation of a vulnerability like CVE-2023-50358. A laptop screen displays lines of text. A magnifying glass examining the screen has within it a warning icon.

2,892

people reacted

New Vulnerability in QNAP QTS Firmware: CVE-2023-50358

By Chao Lei, Jeff Luo and Zhibin Zhang
February 13, 2024 at 3:00 AM

5 min. read

A pictorial representation of the Glupteba UEFI bootkit.

3,998

people reacted

Diving Into Glupteba's UEFI Bootkit

By Lior Rochberger and Dan Yashnik
February 12, 2024 at 6:00 AM

12 min. read

A pictorial representation of ransomware leak site data tracked by Unit 42. A hand offers money to another hand holding keys. In the background is a computer screen with the biohazard symbol on it.

5,118

people reacted

Ransomware Retrospective 2024: Unit 42 Leak Site Analysis

By Doel Santos
February 5, 2024 at 3:00 AM

17 min. read

A pictorial representation of Mispadu banking Trojan. A male criminal with a beard and wearing a mask opens a door on a laptop screen.

4,663

people reacted

Exploring the Latest Mispadu Stealer Variant

By Daniela Shalev and Josh Grunzweig
February 2, 2024 at 3:00 AM

12 min. read

A visual representation of ApateWeb. Icons representing warning signs, links, malicious emails, phishing and threat actors. The Palo Alto Networks and Unit 42 logos.

4,807

people reacted

ApateWeb: An Evasive Large-Scale Scareware and PUP Delivery Campaign

By Shehroze Farooqi, Howard Tong, Alex Starov, Nabeel Mohamed, Royce Lu and Zhanhao Chen
January 31, 2024 at 3:00 AM

12 min. read

A pictorial representation of the BianLian ransomware gang. A hand offers money to another hand holding keys. In the background is a computer screen with the biohazard symbol on it.

6,495

people reacted

Threat Assessment: BianLian

By Daniel Frank
January 23, 2024 at 3:00 AM

10 min. read

A visual representation of Parrot TDS landing scripts. Icons representing warning signs, links, malicious emails, phishing and threat actors. The Palo Alto Networks and Unit 42 logos.

5,481

people reacted

Parrot TDS: A Persistent and Evolving Malware Campaign

By Zhanglin He, Ben Zhang, Billy Melicher, Qi Deng, Bo Qu and Brad Duncan
January 19, 2024 at 12:00 PM

12 min. read

A pictorial representation of CVE-2023-46805 and CVE-2024-21887 affecting Ivanti. A laptop screen displays lines of text. A magnifying glass examining the screen has within it a warning icon.

18,209

people reacted

Threat Brief: Multiple Ivanti Vulnerabilities (Updated Feb. 8)

By Unit 42
January 16, 2024 at 3:30 PM

18 min. read

A pictorial representation of a financial fraud campaign. A male criminal with a beard and wearing a mask opens a door on a laptop screen.

4,127

people reacted

Financial Fraud APK Campaign

By Chao Lei, Lee Wei Yeong, Zhanhao Chen, Yang Ji, Qi Deng, Royce Lu and Daiping Liu
January 12, 2024 at 3:00 AM

5 min. read

A pictorial representation of the Medusa ransomware gang. A hand offers money to another hand holding keys. In the background is a computer screen with the biohazard symbol on it.

8,230

people reacted

Medusa Ransomware Turning Your Files into Stone

By Anthony Galiette and Doel Santos
January 11, 2024 at 6:00 AM

16 min. read

A pictorial representation of malware analyzed via configuration extractors. An open laptop against a dark background is flanked by exclamation points. On the laptop screen are overlapping windows with a bug icon representing the malware.

5,244

people reacted

Tackling Anti-Analysis Techniques of GuLoader and RedLine Stealer

By Mark Lim and Zong-Yu Wu
January 5, 2024 at 3:00 AM

6 min. read

From DarkGate to AsyncRAT: Malware Detected and Shared As Unit 42 Timely Threat Intelligence

6,515

people reacted

From DarkGate to AsyncRAT: Malware Detected and Shared As Unit 42 Timely Threat Intelligence

By Samantha Stallings and Brad Duncan
December 29, 2023 at 6:00 AM

9 min. read

A pictorial representation of misconfiguration or overprivileged components in Kubernetes.

6,141

people reacted

Dual Privilege Escalation Chain: Exploiting Monitoring and Service Mesh Configurations and Privileges in GKE to Gain Unauthorized Access in Kubernetes

By Shaul Ben Hai
December 27, 2023 at 6:00 AM

11 min. read

A pictorial representation of malware distributed via JavaScript. An open laptop against an orange background is flanked by exclamation points. On the laptop screen are overlapping windows with a bug icon representing the malware.

4,519

people reacted

Why Is an Australian Footballer Collecting My Passwords? The Various Ways Malicious JavaScript Can Steal Your Secrets

By Billy Melicher, Nabeel Mohamed and Alex Starov
December 20, 2023 at 3:00 AM

9 min. read

Threat Brief: Attacks on Critical Infrastructure Attributed to Insidious Taurus (Volt Typhoon)

Cloud Threats: Original Research and In-Depth Analysis

Threat Vector: The Unit 42 Podcast

Threat Brief: Attacks on Critical Infrastructure Attributed to Insidious Taurus (Volt Typhoon)

New Vulnerability in QNAP QTS Firmware: CVE-2023-50358

Diving Into Glupteba's UEFI Bootkit

Ransomware Retrospective 2024: Unit 42 Leak Site Analysis

Exploring the Latest Mispadu Stealer Variant

ApateWeb: An Evasive Large-Scale Scareware and PUP Delivery Campaign

Threat Assessment: BianLian

Parrot TDS: A Persistent and Evolving Malware Campaign

Threat Brief: Multiple Ivanti Vulnerabilities (Updated Feb. 8)

Financial Fraud APK Campaign

Medusa Ransomware Turning Your Files into Stone

Tackling Anti-Analysis Techniques of GuLoader and RedLine Stealer

From DarkGate to AsyncRAT: Malware Detected and Shared As Unit 42 Timely Threat Intelligence

Dual Privilege Escalation Chain: Exploiting Monitoring and Service Mesh Configurations and Privileges in GKE to Gain Unauthorized Access in Kubernetes

Why Is an Australian Footballer Collecting My Passwords? The Various Ways Malicious JavaScript Can Steal Your Secrets

Popular Resources

Legal Notices

Account

Get updates from Unit 42

Trending

Popular Resources

Legal Notices

Account