Coveo

Conceptual image representing malware, such as the information stealer IcedID, being delivered by a polyglot file.

9,925

people reacted

More Than Meets the Eye: Exposing a Polyglot File That Delivers IcedID

By Mark Lim
September 27, 2022 at 6:00 AM

4 min. read

Conceptual image representing adversaries and advanced persistent threats. Here, we discuss a method for finding these groups by hunting for unsigned DLLs.

13,502

people reacted

Hunting for Unsigned DLLs to Find APTs

By Daniela Shalev and Itay Gamliel
September 26, 2022 at 6:00 AM

7 min. read

DNS security and issues such as domain shadowing are represented by the caution sign within a folder structure. Image includes Palo Alto Networks and Unit 42 logos.

20,911

people reacted

Domain Shadowing: A Stealthy Use of DNS Compromise for Cybercrime

By Janos Szurdi, Rebekah Houser and Daiping Liu
September 21, 2022 at 6:00 AM

7 min. read

Conceptual image representing zero-day exploit detection using machine learning.

17,302

people reacted

Zero-Day Exploit Detection Using Machine Learning

By Jin Chen, Lei Xu, Andrew Guan, Zhibin Zhang and Yu Fu
September 16, 2022 at 6:00 AM

10 min. read

A conceptual image representing malware such as OriginLogger

23,049

people reacted

OriginLogger: A Look at Agent Tesla’s Successor

By Jeff White
September 13, 2022 at 6:00 AM

14 min. read

Credential gathering techniques discussed here can open the door to cybercriminals as depicted in this conceptual image.

24,467

people reacted

Credential Gathering From Third-Party Software

By Dor Attar
September 8, 2022 at 12:00 PM

14 min. read

Conceptual image representing IoT security, including the MooBot attacks targeting D-Link devices that are discussed here.

31,334

people reacted

Mirai Variant MooBot Targeting D-Link Devices

By Chao Lei, Zhibin Zhang, Cecilia Hu and Aveek Das
September 6, 2022 at 6:00 AM

6 min. read

Conceptual image representing global traffic and information flow. Tor sometimes plays a role in efforts to conceal network traffic, both benign and malicious.

32,622

people reacted

Tor 101: How Tor Works and its Risks to the Enterprise

By Janos Szurdi
August 29, 2022 at 6:00 AM

14 min. read

39,218

people reacted

Threat Assessment: Black Basta Ransomware

By Amer Elsad
August 25, 2022 at 12:00 PM

12 min. read

Conceptual image representing threat actor activity, including the platform-abuse phishing attacks discussed here

40,305

people reacted

Legitimate SaaS Platforms Being Used to Host Phishing Attacks

By Lucas Hu
August 23, 2022 at 6:00 AM

7 min. read

Conceptual image representing trends, including recent exploits in the wild and other network security trends

43,020

people reacted

Network Security Trends: Recent Exploits Observed in the Wild Include Remote Code Execution, Cross-Site Scripting and More

By Yue Guan
August 19, 2022 at 4:00 PM

11 min. read

Ransomware conceptual image, covering groups including BlueSky Ransomware

59,189

people reacted

BlueSky Ransomware: Fast Encryption via Multithreading

By Muhammad Umer Khan, Lee Wei, Yang Ji and Wenjun Hu
August 10, 2022 at 12:00 PM

1050

7 min. read

Ransomware conceptual image, covering groups such as Cuba Ransomware aka Tropical Scorpius

58,696

people reacted

Novel News on Cuba Ransomware: Greetings From Tropical Scorpius

By Anthony Galiette, Daniel Bunce, Doel Santos and Shawn Westfall
August 9, 2022 at 9:00 AM

20 min. read

Conceptual image representing phishing, including the way Bumblebee malware is distributed, as discussed here

60,670

people reacted

Flight of the Bumblebee: Email Lures and File Sharing Services Lead to Malware

By Brad Duncan
August 3, 2022 at 12:00 PM

8 min. read

56,098

people reacted

dotnetfile Open Source Python Library: Parsing .NET PE Files Has Never Been Easier

By Yaron Samuel
July 28, 2022 at 1:45 PM

9 min. read

Attackers Move Quickly to Exploit High-Profile Zero Days: Insights From the 2022 Unit 42 Incident Response Report

More Than Meets the Eye: Exposing a Polyglot File That Delivers IcedID

Cloud Threats: Original Research and In-Depth Analysis

Don't Panic!: The Unit 42 Podcast

More Than Meets the Eye: Exposing a Polyglot File That Delivers IcedID

Hunting for Unsigned DLLs to Find APTs

Domain Shadowing: A Stealthy Use of DNS Compromise for Cybercrime

Zero-Day Exploit Detection Using Machine Learning

OriginLogger: A Look at Agent Tesla’s Successor

Credential Gathering From Third-Party Software

Mirai Variant MooBot Targeting D-Link Devices

Tor 101: How Tor Works and its Risks to the Enterprise

Threat Assessment: Black Basta Ransomware

Legitimate SaaS Platforms Being Used to Host Phishing Attacks

Network Security Trends: Recent Exploits Observed in the Wild Include Remote Code Execution, Cross-Site Scripting and More

BlueSky Ransomware: Fast Encryption via Multithreading

Novel News on Cuba Ransomware: Greetings From Tropical Scorpius

Flight of the Bumblebee: Email Lures and File Sharing Services Lead to Malware

dotnetfile Open Source Python Library: Parsing .NET PE Files Has Never Been Easier

Popular Resources

Legal Notices

Account

Get updates from Unit 42

Trending

Popular Resources

Legal Notices

Account