Posts created by: Mike Harbison

Chinese PlugX Malware Hidden in Your USB Devices?

  • By Mike Harbison and Jen Miller-Osborn
  • January 26, 2023 at 6:00 AM

12 min. read

Russian APT29 Hackers Use Online Storage Services, DropBox and Google Drive

  • By Mike Harbison and Peter Renals
  • July 19, 2022 at 3:00 AM

15 min. read

When Pentest Tools Go Brutal: Red-Teaming Tool Being Abused by Malicious Actors

  • By Mike Harbison and Peter Renals
  • July 5, 2022 at 6:00 AM

15 min. read

Threat Brief: Ongoing Russia and Ukraine Cyber Activity

  • By Robert Falcone, Mike Harbison and Josh Grunzweig
  • January 20, 2022 at 12:30 PM

8 min. read

Another Apache Log4j Vulnerability Is Actively Exploited in the Wild (CVE-2021-44228) (Updated)

  • By Tao Yan, Qi Deng, Haozhe Zhang, Yu Fu, Josh Grunzweig, Mike Harbison and Robert Falcone
  • December 10, 2021 at 1:00 PM

15 min. read

THOR: Previously Unseen PlugX Variant Deployed During Microsoft Exchange Server Attacks by PKPLUG Group

  • By Mike Harbison and Alex Hinchliffe
  • July 27, 2021 at 12:00 PM

13 min. read

BendyBear: Novel Chinese Shellcode Linked With Cyber Espionage Group BlackTech

  • By Mike Harbison
  • February 9, 2021 at 3:00 AM

16 min. read

Threat Brief: Microsoft Vulnerability CVE-2020-16898

  • By Mike Harbison and Brandon Young
  • October 14, 2020 at 12:45 PM

2 min. read

Threat Brief: Microsoft Vulnerability CVE-2020-1472 “Zerologon”

  • By Brandon Young and Mike Harbison
  • September 17, 2020 at 2:00 PM

2 min. read

Threat Brief: Microsoft DNS Server Wormable Vulnerability CVE-2020-1350

  • By Mike Harbison and Brandon Young
  • July 21, 2020 at 11:30 AM

< 1 min. read

Threat Brief: Microsoft SMBv3 Wormable Vulnerability CVE-2020-0796

  • By Mike Harbison and Brandon Young
  • March 11, 2020 at 10:15 AM

2 min. read

Cortex XDR™ Detects New Phishing Campaign Installing NetSupport Manager RAT

  • By Mike Harbison, Brittany Barbehenn and Bryan Lee
  • February 27, 2020 at 6:00 AM

9 min. read

Threat Brief: Windows CryptoAPI Spoofing Vulnerability CVE-2020-0601

  • By Brandon Young and Mike Harbison
  • January 17, 2020 at 1:46 PM

2 min. read

Rancor: Cyber Espionage Group Uses New Custom Malware to Attack Southeast Asia

  • By Jen Miller-Osborn and Mike Harbison
  • December 17, 2019 at 5:30 AM

7 min. read

TrickBot Campaign Uses Fake Payroll Emails to Conduct Phishing Attacks

  • By Bryan Lee, Brittany Barbehenn and Mike Harbison
  • December 9, 2019 at 6:00 AM

7 min. read

© 2023 Palo Alto Networks, Inc. All rights reserved.