Coveo

A pictorial representation of an adversary such as an actor linked to Gelsemium that targeted a Southeast Asian government.

3,036

people reacted

Rare Backdoors Suspected to be Tied to Gelsemium APT Found in Targeted Attack in Southeast Asian Government

By Lior Rochberger, Tom Fakterman and Robert Falcone
September 22, 2023 at 6:05 AM

8 min. read

A pictorial representation of an adversary such as a cluster linked to Stately Taurus.

2,124

people reacted

Cyberespionage Attacks Against Southeast Asian Government Linked to Stately Taurus, Aka Mustang Panda

By Lior Rochberger, Tom Fakterman and Robert Falcone
September 22, 2023 at 6:03 AM

12 min. read

A pictorial representation of an adversary such as a cluster linked to Alloy Taurus.

1,182

people reacted

Persistent Attempts at Cyberespionage Against Southeast Asian Government Target Have Links to Alloy Taurus

By Lior Rochberger, Tom Fakterman and Robert Falcone
September 22, 2023 at 6:02 AM

13 min. read

Fake CVE-2023-40477 Proof of Concept Leads to VenomRAT

7,250

people reacted

Fake CVE-2023-40477 Proof of Concept Leads to VenomRAT

By Robert Falcone
September 19, 2023 at 6:00 AM

10 min. read

A pictorial representation of an APT such as Turla or Pensive Ursa.

3,776

people reacted

Threat Group Assessment: Turla (aka Pensive Ursa)

By Unit 42
September 15, 2023 at 6:00 AM

14 min. read

Pictorial representation of a threat actor like Muddled Libra

28,193

people reacted

Threat Group Assessment: Muddled Libra (Updated)

By Kristopher Russo, Austin Dever and Amer Elsad
September 15, 2023 at 6:00 AM

11 min. read

Unit 42 Attack Surface Threat Research: Constant Change in Cloud Contributes to 45% of New High/Critical Exposures Per Month

2,900

people reacted

Unit 42 Attack Surface Threat Research: Constant Change in Cloud Contributes to 45% of New High/Critical Exposures Per Month

By Unit 42
September 14, 2023 at 3:00 AM

4 min. read

Wireshark Tutorial: Display Filter Expressions

248,812

people reacted

Wireshark Tutorial: Display Filter Expressions

By Brad Duncan
September 8, 2023 at 6:00 AM

110

12 min. read

RedLine Stealer: Answers to Unit Wireshark Quiz

2,353

people reacted

RedLine Stealer: Answers to Unit Wireshark Quiz

By Brad Duncan
September 1, 2023 at 6:00 AM

11 min. read

Wireshark Tutorial: Changing Your Column Display

231,766

people reacted

Wireshark Tutorial: Changing Your Column Display

By Brad Duncan
August 31, 2023 at 5:00 AM

195

14 min. read

A pictorial representation of malware distributed via D-Bus API attacks. An open laptop against a dark background is flanked by exclamation points. On the laptop screen are overlapping windows with a bug icon representing the malware.

2,194

people reacted

Why LaZagne Makes D-Bus API Vigilance Crucial

By Siddharth Sharma
August 24, 2023 at 6:00 AM

6 min. read

Crossing the Line: Unit 42 Wireshark Quiz for RedLine Stealer

3,237

people reacted

Crossing the Line: Unit 42 Wireshark Quiz for RedLine Stealer

By Brad Duncan
August 18, 2023 at 6:00 AM

4 min. read

A pictorial representation of a vulnerability such as SugarCRM CVE-2023-22952. A stylized cloud with a lock hanging from it surrounded by technical tools. The Palo Alto Networks and Unit 42 logos.

5,144

people reacted

When a Zero Day and Access Keys Collide in the Cloud: Responding to the SugarCRM Zero-Day Vulnerability

By Margaret Zimmermann
August 10, 2023 at 3:15 PM

13 min. read

A pictorial representation of an infostealer like NodeStealer. An open laptop against an orange background is flanked by exclamation points. On the laptop screen are overlapping windows with a bug icon representing the malware.

6,112

people reacted

NodeStealer 2.0 – The Python Version: Stealing Facebook Business Accounts

By Lior Rochberger
August 1, 2023 at 6:00 AM

14 min. read

A pictorial representation of a vulnerability such as CVE-2023-35078

5,633

people reacted

Threat Brief: Multiple Vulnerabilities Including Zero-Day Remote Unauthenticated API Access – CVE-2023-35078 – in Ivanti Endpoint Manager Mobile (Updated)

By Unit 42
July 28, 2023 at 5:42 PM

8 min. read

Unit 42 Researchers Discover Multiple Espionage Operations Targeting Southeast Asian Government

Rare Backdoors Suspected to be Tied to Gelsemium APT Found in Targeted Attack in Southeast Asian Government

Cloud Threats: Original Research and In-Depth Analysis

Don't Panic!: The Unit 42 Podcast

Rare Backdoors Suspected to be Tied to Gelsemium APT Found in Targeted Attack in Southeast Asian Government

Cyberespionage Attacks Against Southeast Asian Government Linked to Stately Taurus, Aka Mustang Panda

Persistent Attempts at Cyberespionage Against Southeast Asian Government Target Have Links to Alloy Taurus

Fake CVE-2023-40477 Proof of Concept Leads to VenomRAT

Threat Group Assessment: Turla (aka Pensive Ursa)

Threat Group Assessment: Muddled Libra (Updated)

Unit 42 Attack Surface Threat Research: Constant Change in Cloud Contributes to 45% of New High/Critical Exposures Per Month

Wireshark Tutorial: Display Filter Expressions

RedLine Stealer: Answers to Unit Wireshark Quiz

Wireshark Tutorial: Changing Your Column Display

Why LaZagne Makes D-Bus API Vigilance Crucial

Crossing the Line: Unit 42 Wireshark Quiz for RedLine Stealer

When a Zero Day and Access Keys Collide in the Cloud: Responding to the SugarCRM Zero-Day Vulnerability

NodeStealer 2.0 – The Python Version: Stealing Facebook Business Accounts

Threat Brief: Multiple Vulnerabilities Including Zero-Day Remote Unauthenticated API Access – CVE-2023-35078 – in Ivanti Endpoint Manager Mobile (Updated)

Popular Resources

Legal Notices

Account

Get updates from Unit 42

Trending

Popular Resources

Legal Notices

Account