Logo
Unit42 Logo
  • Tools
  • ATOMs
  • Security Consulting
  • About Us
A conceptual image representing ransomware, including the emerging ransomware groups covered here: AvosLocker, Hive, HelloKitty and LockBit 2.0.
22,783
people reacted

Ransomware Groups to Watch: Emerging Threats

Emerging ransomware groups to watch, according to Unit 42 researchers: AvosLocker, Hive Ransomware, HelloKitty and LockBit 2.0.

Read Blog

45

11 min. read

A conceptual image associated with the threat brief series, such as this post covering recent OMI vulnerabilities and how to remediate.
836
people reacted

Threat Brief: OMI Vulnerabilities (CVE-2021-38645, CVE-2021-38647, CVE-2021-38648 and CVE-2021-38649)

Four critical OMI vulnerabilities – one unauthorized RCE and three privilege escalation – were recently disclosed. Here’s how to remediate them.

Read Blog

2

2 min. read

Cloud Threats: Original Research and In-Depth Analysis

Learn more

Don't Panic!: The Unit 42 Podcast

Listen

Get updates on Unit 42

Please enter your email address!

By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement.

Please mark, I'm not a robot!

  • All
  • Threat Briefs
  • Threat Assessments
  • Reports
  • All
  • Threat Briefs
  • Threat Assessments
  • Reports
A conceptual image associated with the threat brief series, such as this post covering recent OMI vulnerabilities and how to remediate.
836
people reacted

Threat Brief: OMI Vulnerabilities (CVE-2021-38645, CVE-2021-38647, CVE-2021-38648 and CVE-2021-38649)

  • By Nathaniel Quist
  • September 16, 2021 at 12:00 PM

2

2 min. read

A conceptual image representing exploitation of DNS, such as an often overlooked issue discussed in this blog, dangling domains, which can be exploited for DNS hijacking.
1,437
people reacted

Dangling Domains: Security Threats, Detection and Prevalence

  • By Daiping Liu and Ruian Duan
  • September 16, 2021 at 6:00 AM

4

12 min. read

Trending

  • Understanding REvil: The Ransomware Gang Behind the Kaseya VSA Attack
  • Mespinoza Ransomware Gang Calls Victims “Partners,” Attacks with Gasket, "MagicSocks" Tools
  • Finding Azurescape – Cross-Account Container Takeover in Azure Container Instances
  • Threat Brief: Kaseya VSA Ransomware Attack
  • Network Attack Trends: February-April 2021
A conceptual image representing the COVID-19 pandemic and cybercrime – this blog discusses how threat actors are poised to take advantage of one of the aspects of the slowing spread of the virus: attacking a renewed travel industry with travel-themed phishing campaigns.
3,412
people reacted

Phishing Eager Travelers

  • By Anna Chung and Swetha Balla
  • September 15, 2021 at 6:00 AM

9

9 min. read

A conceptual image representing phishing, such as the JavaScript-based phishing discussed here.
5,938
people reacted

PhishingJS: A Deep Learning Model for JavaScript-Based Phishing Detection

  • By Lucas Hu
  • September 10, 2021 at 6:00 AM

15

7 min. read

A conceptual image illustrating vulnerabilities related to containers and Kubernetes, such as Azurescape, the cross-account container takeover in Azure Container Instances discussed here.
37,084
people reacted

Finding Azurescape – Cross-Account Container Takeover in Azure Container Instances

  • By Yuval Avrahami
  • September 9, 2021 at 3:00 AM

51

14 min. read

A conceptual image representing vulnerabilities, such as CVE-2021-26084, discussed here.
12,124
people reacted

Threat Brief: CVE-2021-26084

  • By Unit 42
  • September 3, 2021 at 12:20 PM

15

2 min. read

A conceptual image representing malware, such as the malware discussed here, designed to evade classifiers through benign append attacks.
9,632
people reacted

The Innocent Until Proven Guilty Learning Framework Helps Overcome Benign Append Attacks

  • By Brody Kutt, Oleksii Starov and Billy Hewlett
  • September 1, 2021 at 3:00 PM

17

11 min. read

A conceptual image representing issues with DNS, such as the DNS rebinding discussed here.
13,565
people reacted

DNS Rebinding Attack: How Malicious Websites Exploit Private Networks

  • By Zhanhao Chen
  • August 31, 2021 at 6:00 AM

24

13 min. read

A conceptual image representing a vulnerability, such as CVE-2021-32305, discussed in this post.
13,585
people reacted

New Mirai Variant Targets WebSVN Command Injection Vulnerability (CVE-2021-32305)

  • By Brock Mammen and Haozhe Zhang
  • August 30, 2021 at 6:00 AM

10

5 min. read

A conceptual image representing cybersecurity trends, such as the uptick of worldwide phishing attacks observed at the peak of working from home
14,266
people reacted

Worldwide Phishing Attacks Ramped Up At the Peak of Working From Home

  • By Lucas Hu
  • August 25, 2021 at 6:00 AM

21

8 min. read

Personal VPN and Its Evasions: Risk Factors and How to Maintain Network Visibility
15,675
people reacted

Personal VPN and Its Evasions: Risk Factors and How to Maintain Network Visibility

  • By Saeed Abbasi and Kirti Parekh
  • August 16, 2021 at 6:00 PM

25

7 min. read

A conceptual image representing phishing, as discussed in this post. Here, we cover CAPTCHA-protected phishing campaigns and how they can be detected and mitigated.
18,388
people reacted

Discovering CAPTCHA Protected Phishing Campaigns

  • By Shresta Bellary Seetharam, Billy Melicher and Oleksii Starov
  • August 13, 2021 at 12:00 PM

22

8 min. read

A conceptual image representing the network-attached devices common in the small office and home office that are being targeted by the eCh0raix ransomware variant.
26,997
people reacted

New eCh0raix Ransomware Variant Targets QNAP and Synology Network-Attached Storage Devices

  • By Ruchna Nigam, Haozhe Zhang and Zhibin Zhang
  • August 10, 2021 at 3:00 AM

31

12 min. read

A conceptual image representing cloud misconfigurations, such as the IAM misconfigurations discussed here.
21,150
people reacted

Unit 42 Cloud Threat Report Update: Cloud Security Weakens as More Organizations Fail to Secure IAM

  • By Nathaniel Quist
  • August 5, 2021 at 3:00 PM

20

7 min. read

A conceptual image representing Siloscape, the Windows container escape that was recently prevented by a Microsoft patch.
20,066
people reacted

Microsoft Patched the Issue With Windows Containers That Enabled Siloscape

  • By Daniel Prizmant
  • August 5, 2021 at 8:00 AM

15

4 min. read

loader gif
Sorry, no results were found.
Sorry, no results were found.
Clear

Popular Resources

  • Resource Center
  • Blog
  • Communities
  • Tech Docs
  • Unit 42
  • Sitemap

Legal Notices

  • Privacy
  • Terms of Use
  • Documents

Account

  • Manage Subscriptions
  •  
  • Report a Vulnerability

© 2021 Palo Alto Networks, Inc. All rights reserved.