Unit 42 - Latest Cyber Security Research

The Conti ransomware gang gets an overview.

1,098

people reacted

Conti Ransomware Gang: An Overview

By Richard Hickman
June 18, 2021 at 6:00 AM

5 min. read

A conceptual image representing adversaries and their tactics, such as the Matanbuchus malware-as-a-service described here.

4,069

people reacted

Matanbuchus: Malware-as-a-Service with Demonic Intentions

By Jeff White and Kyle Wilhoit
June 16, 2021 at 7:32 AM

9 min. read

A conceptual image representing Prometheus ransomware

14,309

people reacted

Prometheus Ransomware Gang: A Group of REvil?

By Doel Santos
June 9, 2021 at 3:00 AM

9 min. read

A conceptual image representing threats in the cloud, such as TeamTNT, which is expanding its cryptojacking footprint with new TTPs.

9,375

people reacted

TeamTNT Using WatchDog TTPs to Expand Its Cryptojacking Footprint

By Nathaniel Quist
June 8, 2021 at 6:00 AM

9 min. read

A conceptual image representing Siloscape, the first known malware targeting Windows containers.

28,597

people reacted

Siloscape: First Known Malware Targeting Windows Containers to Compromise Cloud Environments

By Daniel Prizmant
June 7, 2021 at 3:00 AM

11 min. read

A conceptual image representing cloud misconfigurations, which can often be a vector for attackers such as TeamTNT to perform activities such as enumerating cloud environments.

10,928

people reacted

TeamTNT Actively Enumerating Cloud Environments to Infiltrate Organizations

By Nathaniel Quist
June 4, 2021 at 6:00 AM

13 min. read

A conceptual image representing Docker and related container security issues, such as those revealed by the Docker honeypot discussed here.

15,378

people reacted

Docker Honeypot Reveals Cryptojacking as Most Common Cloud Threat

By Aviv Sasson
May 27, 2021 at 12:00 PM

5 min. read

Learn From a Wiped Computer with Digital Forensics

13,094

people reacted

What Can You Learn From a “Wiped” Computer With Digital Forensics?

By Michael Savitz
May 27, 2021 at 12:00 AM

4 min. read

Machine Learning Command and Control project detects C2 traffic types.

14,985

people reacted

Using AI to Detect Malicious C2 Traffic

By Ajaya Neupane and Stefan Achleitner
May 24, 2021 at 6:00 AM

8 min. read

A conceptual image representing ransomware attacks

14,140

people reacted

Breaking Down Ransomware Attacks

By Jeremy Brown and Ashlie Blanca
May 21, 2021 at 6:00 PM

6 min. read

A conceptual image representing cybercrime, such as the way that BazarCall uses call centers for BazarLoader malware

20,109

people reacted

BazarCall Method: Call Centers Help Spread BazarLoader Malware

By Brad Duncan
May 19, 2021 at 4:00 PM

9 min. read

A conceptual image representing ransomware, such as the DarkSide ransomware discussed in this post.

25,706

people reacted

DarkSide Ransomware Gang: An Overview

By Ramarcus Baylor
May 12, 2021 at 1:00 PM

8 min. read

A conceptual image representing cloud providers. As described in the article, now that so much data is located in the cloud, organizations that don't set up proper controls on the movement of data can be vulnerable to file transfer threats resulting in data theft or data loss.

19,261

people reacted

File Transfer Threats: Risk Factors and How Network Traffic Visibility Can Help

By Saeed Abbasi
May 5, 2021 at 6:00 AM

5 min. read

A conceptual image representing malicious domains, such as those that can be identified by the proactive detector discussed in this piece.

19,678

people reacted

Detecting and Preventing Malicious Domains Proactively with DNS Security

By Zhanhao Chen and Daiping Liu
May 4, 2021 at 6:00 AM

11 min. read

A conceptual image representing the new cryptocurrency stealer, WeSteal.

25,787

people reacted

New Shameless Commodity Cryptocurrency Stealer (WeSteal) and Commodity RAT (WeControl)

By Robert Falcone and Simon Conant
April 29, 2021 at 12:01 AM

9 min. read

Highlights from the Unit 42 Cloud Threat Report, 1H 2021

Conti Ransomware Gang: An Overview

Cloud Threats: Original Research and In-Depth Analysis

Don't Panic!: The Unit 42 Podcast

Conti Ransomware Gang: An Overview

Matanbuchus: Malware-as-a-Service with Demonic Intentions

Prometheus Ransomware Gang: A Group of REvil?

TeamTNT Using WatchDog TTPs to Expand Its Cryptojacking Footprint

Siloscape: First Known Malware Targeting Windows Containers to Compromise Cloud Environments

TeamTNT Actively Enumerating Cloud Environments to Infiltrate Organizations

Docker Honeypot Reveals Cryptojacking as Most Common Cloud Threat

What Can You Learn From a “Wiped” Computer With Digital Forensics?

Using AI to Detect Malicious C2 Traffic

Breaking Down Ransomware Attacks

BazarCall Method: Call Centers Help Spread BazarLoader Malware

DarkSide Ransomware Gang: An Overview

File Transfer Threats: Risk Factors and How Network Traffic Visibility Can Help

Detecting and Preventing Malicious Domains Proactively with DNS Security

New Shameless Commodity Cryptocurrency Stealer (WeSteal) and Commodity RAT (WeControl)

Popular Resources

Legal Notices

Account

Get updates on Unit 42

Trending

Popular Resources

Legal Notices

Account