Posts created by: Alex Hinchliffe

DNS is a critical foundation of the Internet that makes it possible to get to websites without entering numerical IP addresses. The power that makes DNS beneficial for everyone also creates potential for abuse. Unit 42 researchers explain how attackers can abuse DNS to hide their tracks and steal data using a technique known as “DNS Tunneling.” This research can help organizations understand DNS-based threats and the risks they pose to their environment.

Through investigations into infrastructure used by HenBox malware, Unit 42 has discovered another malware family built for the more frequently-targeted Microsoft Windows operating system we named ‘Farseer’.

Unit 42 goes inside the coop with new analysis and additional information on malicious HenBox applications

Unit 42 discovers HenBox, an Android Malware family masquerading as legitimate apps on third-party app stores.

Unit 42 recently observed Remote Access Trojan KHRAT activity targeting the citizens of Cambodia.

Unit 42’s EMEA bi-monthly threat report.

Alex Hinchliffe of Unit 42 examines recent threats targeting the EMEA region.

Unit 42 research team have been investigating a wave of Nemucod downloader malware that uses weaponized documents to deploy encoded, and heavily obfuscated JavaScript, ultimately leading to further payloads being delivered to the victim.

Unit 42 continues their look into the EMEA malware trends of the last six months.

Introduction As we head towards the end of the year it’s common to reflect on the year almost behind us and to predict what the new year approaching will bring in terms of security challenges. This blog is part of a series that describe malware trends seen in the EMEA (Europe Middle East and Africa)