Tao Yan, Author at Unit42

A conceptual image representing trends, including the trends in web threats discussed here, including trends in web threats landing URLs and web threats malicious host URLs

19,580

people reacted

Trends in Web Threats: Attackers Were More Active During Holiday Season

By Cecilia Hu, Tao Yan, Jin Chen and Taojie Wang
April 11, 2022 at 6:00 AM

10 min. read

A conceptual image representing a vulnerability, such as CVE-2022-22965, aka SpringShell, discussed here.

81,217

people reacted

CVE-2022-22965: Spring Core Remote Code Execution Vulnerability Exploited In the Wild (SpringShell) (Updated)

By Haozhe Zhang, Ken Hsu, Tao Yan, Qi Deng and Robert Falcone
March 31, 2022 at 4:30 PM

12 min. read

A conceptual image representing cybercrime, such as the web skimmers discussed in this piece on top web threats.

28,267

people reacted

The Year in Web Threats: Web Skimmers Take Advantage of Cloud Hosting and More

By Cecilia Hu, Tao Yan, Taojie Wang and Jin Chen
January 13, 2022 at 6:00 PM

8 min. read

A conceptual image representing malicious code, such as the web skimmer malicious JavaScript code injected into video as described here.

47,351

people reacted

A New Web Skimmer Campaign Targets Real Estate Websites Through Attacking Cloud Video Distribution Supply Chain

By Taojie Wang, Jin Chen and Tao Yan
January 3, 2022 at 12:00 PM

10 min. read

A conceptual image representing a vulnerability, such as the Apache log4j remote code execution vulnerability discussed here, CVE-2021-44228.

267,975

people reacted

Another Apache Log4j Vulnerability Is Actively Exploited in the Wild (CVE-2021-44228) (Updated)

By Tao Yan, Qi Deng, Haozhe Zhang, Yu Fu, Josh Grunzweig, Mike Harbison and Robert Falcone
December 10, 2021 at 1:00 PM

433

15 min. read

A conceptual image representing an adversary. The new attack surface discussed here is an example of what can be possible for an adversary able to perform remote attacks.

30,836

people reacted

Palo Alto Networks Discloses New Attack Surface Targeting Microsoft IIS and SQL Server at Black Hat Asia 2021

By Tao Yan, Qi Deng, Bo Qu and Zhibin Zhang
July 30, 2021 at 3:00 PM

7 min. read

The conceptual image illustrates the concept of an exploit, such as that described here for Windows RDP Vulnerability CVE-2019-0708 (BlueKeep).

29,138

people reacted

Exploitation of Windows RDP Vulnerability CVE-2019-0708 (BlueKeep): Get RCE with System Privilege Using Refresh Rect PDU and RDPDR Client Name Request PDU

By Tao Yan and Jin Chen
December 7, 2020 at 6:00 AM

10 min. read

A conceptual illustration representing malware

26,618

people reacted

A Closer Look at the Web Skimmer

By Jin Chen, Tao Yan, Taojie Wang and Yu Fu
November 9, 2020 at 6:00 AM

7 min. read

Vulnerabilities in websites, as conceptualized in this image, can include malicious coinminers and web skimmers.

28,043

people reacted

Top Alexa Sites Infected With Malicious Coinminers and Web Skimmer

By Taojie Wang, Jin Chen, Tao Yan and Zhanglin He
October 1, 2020 at 6:00 AM

8 min. read

This conceptual image represents Remote Access Trojans, such as the one examined here as an example of script-based malware.

33,140

people reacted

Script-Based Malware: A New Attacker Trend on Internet Explorer

By Edouard Bochin, Tao Yan, Jin Chen and Fang Liu
August 11, 2020 at 6:00 AM

10 min. read

24,621

people reacted

Anatomy of Formjacking Attacks

By Jin Chen, Tao Yan, Taojie Wang and Zhanglin He
April 27, 2020 at 4:00 PM

8 min. read

25,373

people reacted

Web-Based Threats: First Half 2019

By Fang Liu, Tao Yan, Jin Chen, Rongbo Shao, Zhanglin He and Bo Qu
November 1, 2019 at 6:00 AM

8 min. read

83,181

people reacted

Exploitation of Windows CVE-2019-0708 (BlueKeep): Three Ways to Write Data into Kernel with RDP PDU

By Tao Yan and Jin Chen
August 29, 2019 at 6:00 AM

13 min. read

26,917

people reacted

Web-based Threats-2018 Q4: France Rises to #1 for Malicious URL Hosting, US #1 for Phishing

By Bo Qu, Tao Yan, Rongbo Shao and Zhanglin He
May 30, 2019 at 9:00 AM

6 min. read

Web-based Threats-2018 Q3: Malicious URLs and Domains take a Dip

By Bo Qu, Tao Yan, Rongbo Shao, Zhanglin He and Xingyu Jin
December 27, 2018 at 6:00 AM

7 min. read

Posts created by: Tao Yan

Trends in Web Threats: Attackers Were More Active During Holiday Season

CVE-2022-22965: Spring Core Remote Code Execution Vulnerability Exploited In the Wild (SpringShell) (Updated)

The Year in Web Threats: Web Skimmers Take Advantage of Cloud Hosting and More

A New Web Skimmer Campaign Targets Real Estate Websites Through Attacking Cloud Video Distribution Supply Chain

Another Apache Log4j Vulnerability Is Actively Exploited in the Wild (CVE-2021-44228) (Updated)

Palo Alto Networks Discloses New Attack Surface Targeting Microsoft IIS and SQL Server at Black Hat Asia 2021

Exploitation of Windows RDP Vulnerability CVE-2019-0708 (BlueKeep): Get RCE with System Privilege Using Refresh Rect PDU and RDPDR Client Name Request PDU

A Closer Look at the Web Skimmer

Top Alexa Sites Infected With Malicious Coinminers and Web Skimmer

Script-Based Malware: A New Attacker Trend on Internet Explorer

Anatomy of Formjacking Attacks

Web-Based Threats: First Half 2019

Exploitation of Windows CVE-2019-0708 (BlueKeep): Three Ways to Write Data into Kernel with RDP PDU

Web-based Threats-2018 Q4: France Rises to #1 for Malicious URL Hosting, US #1 for Phishing

Web-based Threats-2018 Q3: Malicious URLs and Domains take a Dip

Popular Resources

Legal Notices

Account

Trending

Popular Resources

Legal Notices

Account