Unit 42 - Latest Cyber Security Research

All
Threat Briefs
Threat Assessments
Reports

All
Threat Briefs
Threat Assessments
Reports

2,978

people reacted

There Is More Than One Way to Sleep: Dive Deep Into the Implementations of API Hammering by Various Malware Families

By Mark Lim and Riley Porter
June 24, 2022 at 6:00 AM

5 min. read

Conceptual illustration showing malicious files

15,386

people reacted

Why Are My Junctions Not Followed? Exploring Windows Redirection Trust Mitigation

By Gal De Leon
June 14, 2022 at 3:00 PM

5 min. read

GALLIUM Expands Targeting Across Telecommunications, Government and Finance Sectors With New PingPull Tool

By Unit 42
June 13, 2022 at 3:00 AM

10 min. read

A conceptual image representing ransomware, including HelloXD.

23,194

people reacted

Exposing HelloXD Ransomware and x4k

By Daniel Bunce and Doel Santos
June 10, 2022 at 6:00 PM

15 min. read

A conceptual image representing ransomware, such as LockBit 2.0, discussed here.

21,722

people reacted

LockBit 2.0: How This RaaS Operates and How to Protect Against It

By Amer Elsad, JR Gumarin and Abigail Barr
June 9, 2022 at 6:00 AM

16 min. read

Threat Brief image, representing brief analyses of vulnerabilities such as CVE-2022-26134

23,400

people reacted

Threat Brief: Atlassian Confluence Remote Code Execution Vulnerability (CVE-2022-26134) (Updated)

By Abhishek Anbazhagan, Shawn Westfall, Josh Grunzweig, Daniela Shalev and Eli Barr
June 3, 2022 at 5:00 PM

5 min. read

A conceptual image representing the REvil threat actors discussed in the post.

84,125

people reacted

Understanding REvil: REvil Threat Actors May Have Returned (Updated)

By Doel Santos and John Martineau
June 3, 2022 at 1:00 PM

12 min. read

A conceptual image representing malware, such as Popping Eagle.

24,046

people reacted

Popping Eagle: How We Leveraged Global Analytics to Discover a Sophisticated Threat Actor

By Yuval Zan and Chen Evgi
June 2, 2022 at 3:00 PM

12 min. read

An image representing threat briefs, such as the one covering CVE-2022-30190

35,642

people reacted

Threat Brief: CVE-2022-30190 – MSDT Code Execution Vulnerability

By Shawn Westfall
May 31, 2022 at 2:45 PM

4 min. read

17,619

people reacted

Network Security Trends: November 2021 to January 2022

By Yue Guan
May 31, 2022 at 12:00 PM

10 min. read

A conceptual image representing a cyber adversary, such as the BEC SilverTerrier threat actor recently arrested as part of Operation Delilah.

26,809

people reacted

Operation Delilah: Unit 42 Helps INTERPOL Identify Nigerian Business Email Compromise Actor

By Unit 42
May 25, 2022 at 6:25 AM

5 min. read

Threat brief standard image, in this case used for a threat brief on CVE-2022-22954 and other VMware vulnerabilities.

30,032

people reacted

Threat Brief: VMware Vulnerabilities Exploited in the Wild (CVE-2022-22954 and Others)

By Ruchna Nigam
May 20, 2022 at 6:00 AM

5 min. read

A conceptual image representing targeted attacks, including the XLL Files and Dridex infection chain discussed here.

30,040

people reacted

Weaponization of Excel Add-Ins Part 2: Dridex Infection Chain Case Studies

By Saqib Khanzada
May 19, 2022 at 12:00 PM

8 min. read

A conceptual image representing phishing - one of the primary delivery methods for Emotet malware, covered here.

30,073

people reacted

Emotet Summary: November 2021 Through January 2022

By Brad Duncan
May 17, 2022 at 6:00 AM

13 min. read

A conceptual image representing cloud service providers. So far, ransomware in public clouds is rare, partly due to the attention cloud service providers pay to securing their infrastructure.

28,049

people reacted

A Look Into Public Clouds From the Ransomware Actor's Perspective

By Jay Chen
May 16, 2022 at 6:00 AM

14 min. read

Sorry, no results were found.

Russia’s Gamaredon aka Primitive Bear APT Group Actively Targeting Ukraine (Updated June 22)

There Is More Than One Way to Sleep: Dive Deep Into the Implementations of API Hammering by Various Malware Families

Cloud Threats: Original Research and In-Depth Analysis

Don't Panic!: The Unit 42 Podcast

There Is More Than One Way to Sleep: Dive Deep Into the Implementations of API Hammering by Various Malware Families

Why Are My Junctions Not Followed? Exploring Windows Redirection Trust Mitigation

GALLIUM Expands Targeting Across Telecommunications, Government and Finance Sectors With New PingPull Tool

Exposing HelloXD Ransomware and x4k

LockBit 2.0: How This RaaS Operates and How to Protect Against It

Threat Brief: Atlassian Confluence Remote Code Execution Vulnerability (CVE-2022-26134) (Updated)

Understanding REvil: REvil Threat Actors May Have Returned (Updated)

Popping Eagle: How We Leveraged Global Analytics to Discover a Sophisticated Threat Actor

Threat Brief: CVE-2022-30190 – MSDT Code Execution Vulnerability

Network Security Trends: November 2021 to January 2022

Operation Delilah: Unit 42 Helps INTERPOL Identify Nigerian Business Email Compromise Actor

Threat Brief: VMware Vulnerabilities Exploited in the Wild (CVE-2022-22954 and Others)

Weaponization of Excel Add-Ins Part 2: Dridex Infection Chain Case Studies

Emotet Summary: November 2021 Through January 2022

A Look Into Public Clouds From the Ransomware Actor's Perspective

Popular Resources

Legal Notices

Account

Get updates from Unit 42

Trending

Popular Resources

Legal Notices

Account