Threat Brief: SolarStorm and SUNBURST Customer Coverage

We are tracking the SolarWinds attack, SolarStorm and SUNBURST while working to ensure protections are in place for Palo Alto Networks customers.

14 min. read

Threat Assessment: Active Exploitation of Four Zero-Day Vulnerabilities in Microsoft Exchange Server

Due to a surge of malicious activity surrounding four zero-day Microsoft Exchange Server vulnerabilities, we assess the threat and suggest COAs.

5 min. read

Threat Assessment: Active Exploitation of Four Zero-Day Vulnerabilities in Microsoft Exchange Server

  • By Unit 42
  • March 3, 2021 at 3:30 PM

5 min. read

Threat Brief: Kerberos KDC Security Feature Bypass Vulnerability (CVE-2020-17049 AKA Bronze Bit)

  • By Aviad Meyer and Liav Zigelbaum
  • March 3, 2021 at 12:15 PM

< 1 min. read

Trending

  • COVID-19: Cloud Threat Landscape
  • SilverTerrier: New COVID-19 Themed Business Email Compromise Schemes
  • Updated BackConfig Malware Targeting Government and Military Organizations in South Asia
  • Threat Brief: Maze Ransomware Activities
  • COVID-19 Themed Malware Within Cloud Environments
Fast Flux 101: How Cybercriminals Improve the Resilience of Their Infrastructure to Evade Detection and Law Enforcement Takedowns

  • By Janos Szurdi, Rebekah Houser and Daiping Liu
  • March 2, 2021 at 6:00 AM

13 min. read

IronNetInjector: Turla’s New Malware Loading Tool

  • By Dominik Reichel
  • February 19, 2021 at 6:00 AM

10 min. read

WatchDog: Exposing a Cryptojacking Campaign That’s Operated for Two Years

  • By Nathaniel Quist
  • February 17, 2021 at 6:00 AM

16 min. read

Threat Brief: Windows IPv4 and IPv6 Stack Vulnerabilities (CVE-2021-24074, CVE-2021-24086 and CVE-2021-24094)

  • By Abisheik Ganesan
  • February 9, 2021 at 2:30 PM

6 min. read

BendyBear: Novel Chinese Shellcode Linked With Cyber Espionage Group BlackTech

  • By Mike Harbison
  • February 9, 2021 at 3:00 AM

16 min. read

Exploits in the Wild for WordPress File Manager RCE Vulnerability (CVE-2020-25213)

  • By Nadav Markus, Efi Barkayev and Gal De Leon
  • February 5, 2021 at 3:00 PM

2 min. read

Hildegard: New TeamTNT Cryptojacking Malware Targeting Kubernetes

  • By Jay Chen, Aviv Sasson and Ariel Zelivansky
  • February 3, 2021 at 6:00 AM

10 min. read

Pro-Ocean: Rocke Group’s New Cryptojacking Malware

  • By Aviv Sasson
  • January 28, 2021 at 6:00 AM

7 min. read

Network Attack Trends: Internet of Threats

  • By Yue Guan, Lei Xu, Ken Hsu and Zhibin Zhang
  • January 22, 2021 at 6:00 AM

8 min. read

Wireshark Tutorial: Examining Emotet Infection Traffic

  • By Brad Duncan
  • January 19, 2021 at 6:00 AM

15 min. read

Open Source Tool Release: Gaining Novel AWS Access With EBS Direct APIs

  • By Michael Bailey
  • January 12, 2021 at 6:00 AM

6 min. read

xHunt Campaign: New BumbleBee Webshell and SSH Tunnels Used for Lateral Movement

  • By Robert Falcone
  • January 11, 2021 at 12:01 AM

25 min. read

TA551: Email Attack Campaign Switches from Valak to IcedID

  • By Brad Duncan
  • January 7, 2021 at 12:01 AM

9 min. read

© 2021 Palo Alto Networks, Inc. All rights reserved.