Posts created by: Haozhe Zhang

Threat Brief: Microsoft Critical Vulnerabilities (CVE-2022-26809, CVE-2022-26923, CVE-2022-26925)

  • By Chao Lei, Tao Yan, Haozhe Zhang and Qi Deng
  • July 27, 2022 at 4:00 PM

6 min. read

CVE-2022-22965: Spring Core Remote Code Execution Vulnerability Exploited In the Wild (SpringShell) (Updated)

  • By Haozhe Zhang, Ken Hsu, Tao Yan, Qi Deng and Robert Falcone
  • March 31, 2022 at 4:30 PM

12 min. read

Another Apache Log4j Vulnerability Is Actively Exploited in the Wild (CVE-2021-44228) (Updated)

  • By Tao Yan, Qi Deng, Haozhe Zhang, Yu Fu, Josh Grunzweig, Mike Harbison and Robert Falcone
  • December 10, 2021 at 1:00 PM

15 min. read

New Mirai Variant Targets WebSVN Command Injection Vulnerability (CVE-2021-32305)

  • By Brock Mammen and Haozhe Zhang
  • August 30, 2021 at 6:00 AM

5 min. read

New eCh0raix Ransomware Variant Targets QNAP and Synology Network-Attached Storage Devices

  • By Ruchna Nigam, Haozhe Zhang and Zhibin Zhang
  • August 10, 2021 at 3:00 AM

12 min. read

Are Your Nagios XI Servers Turning Into Cryptocurrency Miners for Attackers?

  • By Haozhe Zhang, Vaibhav Singhal, Zhibin Zhang and Qi Deng
  • April 15, 2021 at 11:44 AM

6 min. read

Satori: Mirai Botnet Variant Targeting Vantage Velocity Field Unit RCE Vulnerability

  • By Haozhe Zhang, Vaibhav Singhal, Zhibin Zhang and Jun Du
  • March 17, 2021 at 3:35 PM

4 min. read

njRAT Spreading Through Active Pastebin Command and Control Tunnel

  • By Yanhui Jia, Chris Navarrete and Haozhe Zhang
  • December 9, 2020 at 6:00 AM

6 min. read

Exploits in the Wild for vBulletin Pre-Auth RCE Vulnerability CVE-2020-17496

  • By Haozhe Zhang, Qi Deng, Zhibin Zhang and Ruchna Nigam
  • September 3, 2020 at 12:00 PM

9 min. read

Grandstream and DrayTek Devices Exploited to Power New Hoaxcalls DDoS Botnet

  • By Ken Hsu, Haozhe Zhang, Zhibin Zhang and Ruchna Nigam
  • April 3, 2020 at 1:07 PM

7 min. read

© 2023 Palo Alto Networks, Inc. All rights reserved.