Unit 42 - Latest Cyber Security Research

A conceptual image representing cloud providers. As described in the article, now that so much data is located in the cloud, organizations that don't set up proper controls on the movement of data can be vulnerable to file transfer threats resulting in data theft or data loss.

2,232

people reacted

File Transfer Threats: Risk Factors and How Network Traffic Visibility Can Help

By Saeed Abbasi
May 5, 2021 at 6:00 AM

5 min. read

A conceptual image representing malicious domains, such as those that can be identified by the proactive detector discussed in this piece.

3,485

people reacted

Detecting and Preventing Malicious Domains Proactively with DNS Security

By Zhanhao Chen and Daiping Liu
May 4, 2021 at 6:00 AM

11 min. read

A conceptual image representing the new cryptocurrency stealer, WeSteal.

10,484

people reacted

New Shameless Commodity Cryptocurrency Stealer (WeSteal) and Commodity RAT (WeControl)

By Robert Falcone and Simon Conant
April 29, 2021 at 12:01 AM

9 min. read

A conceptual image representing Kubernetes topics, including the unsecured Kubernetes instances discussed here.

10,650

people reacted

Unsecured Kubernetes Instances Could Be Vulnerable to Exploitation

By Jay Chen, Aviv Sasson and Ariel Zelivansky
April 23, 2021 at 5:40 PM

11 min. read

7,625

people reacted

Threat Brief: Codecov Bash Uploader

By Unit 42
April 23, 2021 at 2:00 PM

< 1 min. read

14,554

people reacted

Are Your Nagios XI Servers Turning Into Cryptocurrency Miners for Attackers?

By Haozhe Zhang, Vaibhav Singhal, Zhibin Zhang and Qi Deng
April 15, 2021 at 11:44 AM

6 min. read

A conceptual image representing espionage, such as the attempted (but unsuccessful) credential harvesting discussed here.

15,649

people reacted

Actor Exploits Microsoft Exchange Server Vulnerabilities, Cortex XDR Blocks Harvesting of Credentials

By Robert Falcone
April 15, 2021 at 6:00 AM

8 min. read

A conceptual image representing container security, such as that affected by CVE-2021-20291, discussed in this post

13,711

people reacted

New Vulnerability Affecting Container Engines CRI-O and Podman (CVE-2021-20291)

By Aviv Sasson
April 14, 2021 at 6:00 AM

4 min. read

A conceptual image representing ransomware, such as the Clop ransomware family discussed in this threat assessment.

13,548

people reacted

Threat Assessment: Clop Ransomware

By Doel Santos
April 13, 2021 at 8:00 AM

6 min. read

12,932

people reacted

Network Attack Trends: Internet of Threats (November 2020-January 2021)

By Lei Xu, Yue Guan and Vaibhav Singhal
April 12, 2021 at 10:37 AM

8 min. read

A conceptual image representing the concept of malware, such as that covered in this case study of Emotet Command and Control traffic.

16,146

people reacted

Emotet Command and Control Case Study

By Chris Navarrete and Yanhui Jia
April 9, 2021 at 12:00 PM

9 min. read

14,487

people reacted

Attackers Conducting Cryptojacking Operation Against U.S. Education Organizations

By Ken Hsu, Vaibhav Singhal and Zhibin Zhang
April 8, 2021 at 12:29 PM

5 min. read

The word "Tutorial," superimposed over an image used in the Wireshark Tutorial series.

17,164

people reacted

Wireshark Tutorial: Examining Traffic from Hancitor Infections

By Brad Duncan
April 7, 2021 at 6:00 AM

20 min. read

Conceptual image representing 2020 phishing trends with PDF files

21,304

people reacted

2020 Phishing Trends With PDF Files

By Ashkan Hosseini and Ashutosh Chitwadgi
April 5, 2021 at 6:00 PM

19 min. read

Malicious email, as depicted here, can be the starting point of a chain of events related to Hancitor infections, which have recently been observed distributing Cobalt Strike and using a noisy network ping tool.

21,833

people reacted

Hancitor’s Use of Cobalt Strike and a Noisy Network Ping Tool

By Brad Duncan
April 1, 2021 at 12:00 PM

11 min. read

Highlights from the Unit 42 Cloud Threat Report, 1H 2021

File Transfer Threats: Risk Factors and How Network Traffic Visibility Can Help

Cloud Threats: Original Research and In-Depth Analysis

Don't Panic!: The Unit 42 Podcast

File Transfer Threats: Risk Factors and How Network Traffic Visibility Can Help

Detecting and Preventing Malicious Domains Proactively with DNS Security

New Shameless Commodity Cryptocurrency Stealer (WeSteal) and Commodity RAT (WeControl)

Unsecured Kubernetes Instances Could Be Vulnerable to Exploitation

Threat Brief: Codecov Bash Uploader

Are Your Nagios XI Servers Turning Into Cryptocurrency Miners for Attackers?

Actor Exploits Microsoft Exchange Server Vulnerabilities, Cortex XDR Blocks Harvesting of Credentials

New Vulnerability Affecting Container Engines CRI-O and Podman (CVE-2021-20291)

Threat Assessment: Clop Ransomware

Network Attack Trends: Internet of Threats (November 2020-January 2021)

Emotet Command and Control Case Study

Attackers Conducting Cryptojacking Operation Against U.S. Education Organizations

Wireshark Tutorial: Examining Traffic from Hancitor Infections

2020 Phishing Trends With PDF Files

Hancitor’s Use of Cobalt Strike and a Noisy Network Ping Tool

Popular Resources

Legal Notices

Account

Get updates on Unit 42

Trending

Popular Resources

Legal Notices

Account