Slicing and Dicing CVE-2018-5002 Payloads: New CHAINSHOT Malware
#Unit 42 slices and dices CVE-2018-5002, uncovering new #CHAINSHOT malware.
Posts created by: Dominik Reichel
Abusing the Service Control Manager to Establish Persistence for Non-Service Applications
Unit 42 investigates abusing the service control manager to establish persistence for non-service applications.
Everybody Gets One: QtBot Used to Distribute Trickbot and Locky
Unit 42 investigates QtBot downloader used to distribute Trickbot and Locky.
Get updates on Unit 42
Sign up to receive the latest news, cyber threat intelligence and research from Unit 42
By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement.
Analysing a 10-Year-Old SNOWBALL
Palo Alto Networks Unit 42 analyzes SNOWBALL. Get the detailed technical analysis.
Dimnie: Hiding in Plain Sight
Recent Dimnie activity uses phishing emails to target open source developers on GitHub.
The Gamaredon Group Toolset Evolution
Unit 42 threat researchers have recently observed a threat group distributing new, custom developed malware. We have labelled this threat group the Gamaredon Group and our research shows that the Gamaredon Group has been active since at least 2013.
2016 Updates to Shifu Banking Trojan
Overview Shifu is a Banking Trojan first discovered in 2015. Shifu is based on the Shiz source code which incorporated techniques used by Zeus. Attackers use Shifu to steal credentials for online banking websites around the world, starting in Russia but later including the UK, Italy, and others. Palo Alto Networks Unit 42 research has