Logo
Unit42 Logo
  • Tools
  • ATOMs
  • Security Consulting
  • About Us
  • Under Attack?

Posts created by: Jay Chen

IAM-Deescalate: An Open Source Tool to Help Users Reduce the Risk of Privilege EscalationA conceptual image representing misconfigurations, such as the excessive permissions that IAM-Deescalate helps detect and remediate
55,524
people reacted

IAM-Deescalate: An Open Source Tool to Help Users Reduce the Risk of Privilege Escalation

  • By Jay Chen
  • July 25, 2022 at 6:00 AM

32

6 min. read

A Look Into Public Clouds From the Ransomware Actor's PerspectiveA conceptual image representing cloud service providers. So far, ransomware in public clouds is rare, partly due to the attention cloud service providers pay to securing their infrastructure.
38,798
people reacted

A Look Into Public Clouds From the Ransomware Actor's Perspective

  • By Jay Chen
  • May 16, 2022 at 6:00 AM

27

14 min. read

Trending

  • Finding Gozi: Answers to Unit 42 Wireshark Quiz, March 2023 by Brad Duncan
  • Threat Brief: 3CXDesktopApp Supply Chain Attack by Robert Falcone
Observing Attacks Against Hundreds of Exposed Services in Public CloudsA conceptual image representing misconfigurations in the cloud, including insecurely exposed services.
57,905
people reacted

Observing Attacks Against Hundreds of Exposed Services in Public Clouds

  • By Jay Chen
  • November 22, 2021 at 12:00 PM

43

7 min. read

Network Scanning Traffic Observed in Public CloudsA conceptual image representing network scanning, such as the network scanning traffic researchers observed in public clouds.
46,714
people reacted

Network Scanning Traffic Observed in Public Clouds

  • By Jay Chen
  • October 28, 2021 at 6:00 AM

18

6 min. read

Unsecured Kubernetes Instances Could Be Vulnerable to ExploitationA conceptual image representing Kubernetes topics, including the unsecured Kubernetes instances discussed here.
42,474
people reacted

Unsecured Kubernetes Instances Could Be Vulnerable to Exploitation

  • By Jay Chen, Aviv Sasson and Ariel Zelivansky
  • April 23, 2021 at 5:40 PM

22

11 min. read

Hildegard: New TeamTNT Cryptojacking Malware Targeting KubernetesThis conceptual image covers the concept of container security. Attacks on containers, such as that of the Hildegard malware detailed here, can allow attackers access to a large amount of computing resources.
80,782
people reacted

Hildegard: New TeamTNT Cryptojacking Malware Targeting Kubernetes

  • By Jay Chen, Aviv Sasson and Ariel Zelivansky
  • February 3, 2021 at 6:00 AM

32

10 min. read

IAMFinder: Open Source Tool to Identify Information Leaked from AWS IAM ReconnaissanceA conceptual image illustrating finding vulnerabilities on the web. IAMFinder is a custom open source tool that can help organizations identify information leakage in AWS accounts.
37,779
people reacted

IAMFinder: Open Source Tool to Identify Information Leaked from AWS IAM Reconnaissance

  • By Jay Chen
  • November 19, 2020 at 12:00 PM

30

6 min. read

Information Leakage in AWS Resource-Based Policy APIsThis conceptual image illustrates some of the security and configuration issues involved with the cloud, such as the issue with AWS resource-based policy APIs discussed here.
49,550
people reacted

Information Leakage in AWS Resource-Based Policy APIs

  • By Jay Chen
  • November 17, 2020 at 3:00 AM

18

6 min. read

Unit 42 Cloud Threat Report: Misconfigured IAM Roles Lead to Thousands of Compromised Cloud WorkloadsThe conceptual image illustrates the idea of the risks that misconfigured IAM roles can pose for cloud workloads.
39,029
people reacted

Unit 42 Cloud Threat Report: Misconfigured IAM Roles Lead to Thousands of Compromised Cloud Workloads

  • By Jay Chen
  • October 8, 2020 at 6:00 AM

19

15 min. read

The State of Exploit Development: 80% of Exploits Publish Faster than CVEsThis conceptual image illustrates trends in cybersecurity
38,619
people reacted

The State of Exploit Development: 80% of Exploits Publish Faster than CVEs

  • By Jay Chen
  • August 26, 2020 at 6:00 AM

15

8 min. read

COVID-19: Cloud Threat Landscape
41,401
people reacted

COVID-19: Cloud Threat Landscape

  • By Jay Chen
  • May 4, 2020 at 6:00 AM

22

6 min. read

Unit 42 CTR: Leaked Code from Docker Registries
39,983
people reacted

Unit 42 CTR: Leaked Code from Docker Registries

  • By Jay Chen
  • February 7, 2020 at 6:00 AM

27

7 min. read

Attacker’s Tactics and Techniques in Unsecured Docker Daemons Revealed
42,691
people reacted

Attacker’s Tactics and Techniques in Unsecured Docker Daemons Revealed

  • By Jay Chen
  • January 29, 2020 at 6:00 AM

21

10 min. read

Server-Side Request Forgery Exposes Data of Technology, Industrial and Media Organizations
37,033
people reacted

Server-Side Request Forgery Exposes Data of Technology, Industrial and Media Organizations

  • By Jay Chen
  • November 26, 2019 at 6:00 AM

39

9 min. read

Graboid: First-Ever Cryptojacking Worm Found in Images on Docker Hub
82,369
people reacted

Graboid: First-Ever Cryptojacking Worm Found in Images on Docker Hub

  • By Jay Chen
  • October 16, 2019 at 6:00 AM

43

6 min. read

Popular Resources

  • Resource Center
  • Blog
  • Communities
  • Tech Docs
  • Unit 42
  • Sitemap

Legal Notices

  • Privacy
  • Terms of Use
  • Documents

Account

  • Manage Subscriptions
  •  
  • Report a Vulnerability

© 2023 Palo Alto Networks, Inc. All rights reserved.