Logo
Unit42 Logo
  • Tools
  • ATOMs
  • Security Consulting
  • About Us
  • Under Attack?

Posts created by: Chris Navarrete

Spike in LokiBot Activity During Final Week of 2022A pictorial representation of malicious email like LokiBot where a stylized bug pops out of an envelope
31,210
people reacted

Spike in LokiBot Activity During Final Week of 2022

  • By Chris Navarrete, Edouard Bochin, Durgesh Sangvikar, Lei Xu and Yu Fu
  • March 3, 2023 at 6:00 AM

15

8 min. read

Cobalt Strike Analysis and Tutorial: Identifying Beacon Team Servers in the WildMalware conceptual image, covering topics such as Cobalt Strike Team Server, which can be abused by malware authors for malicious purposes
67,578
people reacted

Cobalt Strike Analysis and Tutorial: Identifying Beacon Team Servers in the Wild

  • By Durgesh Sangvikar, Chris Navarrete, Matthew Tennis, Yanhui Jia, Yu Fu and Siddhart Shibiraj
  • November 3, 2022 at 6:00 AM

23

9 min. read

Trending

  • Finding Gozi: Answers to Unit 42 Wireshark Quiz, March 2023 by Brad Duncan
  • Threat Brief: 3CXDesktopApp Supply Chain Attack by Robert Falcone
Cobalt Strike Analysis and Tutorial: CS Metadata Encryption and DecryptionA conceptual image representing malware and its evasions.
48,185
people reacted

Cobalt Strike Analysis and Tutorial: CS Metadata Encryption and Decryption

  • By Chris Navarrete, Durgesh Sangvikar, Yu Fu, Yanhui Jia and Siddhart Shibiraj
  • July 13, 2022 at 6:00 AM

31

9 min. read

Cobalt Strike Analysis and Tutorial: CS Metadata Encoding and DecodingA conceptual image that represents malware, including the malicious uses of Cobalt Strike and its metadata encoding algorithm covered here.
37,654
people reacted

Cobalt Strike Analysis and Tutorial: CS Metadata Encoding and Decoding

  • By Chris Navarrete, Durgesh Sangvikar, Yu Fu, Yanhui Jia and Siddhart Shibiraj
  • May 6, 2022 at 12:00 PM

11

9 min. read

Cobalt Strike Analysis and Tutorial: How Malleable C2 Profiles Make Cobalt Strike Difficult to DetectA conceptual image representing malware, including the adversarial use of Cobalt Strike and its Malleable C2 profile discussed here.
66,287
people reacted

Cobalt Strike Analysis and Tutorial: How Malleable C2 Profiles Make Cobalt Strike Difficult to Detect

  • By Chris Navarrete, Durgesh Sangvikar, Andrew Guan, Yu Fu, Yanhui Jia and Siddhart Shibiraj
  • March 16, 2022 at 3:00 PM

17

9 min. read

Emotet Command and Control Case StudyA conceptual image representing the concept of malware, such as that covered in this case study of Emotet Command and Control traffic.
39,664
people reacted

Emotet Command and Control Case Study

  • By Chris Navarrete and Yanhui Jia
  • April 9, 2021 at 12:00 PM

13

9 min. read

Attack Chain Overview: Emotet in December 2020 and January 2021A conceptual image representing malware, such as Emotet, discussed in this blog.
28,111
people reacted

Attack Chain Overview: Emotet in December 2020 and January 2021

  • By Chris Navarrete, Yanhui Jia, Matthew Tennis, Durgesh Sangvikar and Rongbo Shao
  • March 8, 2021 at 6:00 AM

18

11 min. read

njRAT Spreading Through Active Pastebin Command and Control TunnelThis conceptual image illustrates the idea of malware, such as the njRAT spreading through active Pastebin command and control tunnel that is discussed in this blog.
38,757
people reacted

njRAT Spreading Through Active Pastebin Command and Control Tunnel

  • By Yanhui Jia, Chris Navarrete and Haozhe Zhang
  • December 9, 2020 at 6:00 AM

19

6 min. read

Lucifer: New Cryptojacking and DDoS Hybrid Malware Exploiting High and Critical Vulnerabilities to Infect Windows Devices
85,411
people reacted

Lucifer: New Cryptojacking and DDoS Hybrid Malware Exploiting High and Critical Vulnerabilities to Infect Windows Devices

  • By Ken Hsu, Durgesh Sangvikar, Zhibin Zhang and Chris Navarrete
  • June 24, 2020 at 6:00 AM

37

13 min. read

Popular Resources

  • Resource Center
  • Blog
  • Communities
  • Tech Docs
  • Unit 42
  • Sitemap

Legal Notices

  • Privacy
  • Terms of Use
  • Documents

Account

  • Manage Subscriptions
  •  
  • Report a Vulnerability

© 2023 Palo Alto Networks, Inc. All rights reserved.