Unit 42 slices and dices CVE-2018-5002, uncovering new CHAINSHOT malware.
Unit 42 investigates abusing the service control manager to establish persistence for non-service applications.
Unit 42 investigates QtBot downloader used to distribute Trickbot and Locky.
Palo Alto Networks Unit 42 analyzes SNOWBALL. Get the detailed technical analysis.
Recent Dimnie activity uses phishing emails to target open source developers on GitHub.
Unit 42 threat researchers have recently observed a threat group distributing new, custom-developed malware. We have labelled this threat group the Gamaredon Group, and our research shows that the Gamaredon Group has been active since at least 2013.
Overview: Shifu is a banking Trojan first discovered in 2015. Shifu is based on the Shiz source code, which incorporated techniques used by Zeus. Attackers use Shifu to steal credentials for online banking websites around the world, starting in Russia but later including the UK, Italy, and others. Palo Alto Networks Unit 42 research has