Posts created by: Tao Yan

Exploitation of Windows RDP Vulnerability CVE-2019-0708 (BlueKeep): Get RCE with System Privilege Using Refresh Rect PDU and RDPDR Client Name Request PDU

  • By Tao Yan and Jin Chen
  • December 7, 2020 at 6:00 AM

10 min. read

A Closer Look at the Web Skimmer

  • By Jin Chen, Tao Yan, Taojie Wang and Yu Fu
  • November 9, 2020 at 6:00 AM

7 min. read

Top Alexa Sites Infected With Malicious Coinminers and Web Skimmer

  • By Taojie Wang, Jin Chen, Tao Yan and Zhanglin He
  • October 1, 2020 at 6:00 AM

8 min. read

Script-Based Malware: A New Attacker Trend on Internet Explorer

  • By Edouard Bochin, Tao Yan, Jin Chen and Fang Liu
  • August 11, 2020 at 6:00 AM

10 min. read

Anatomy of Formjacking Attacks

  • By Jin Chen, Tao Yan, Taojie Wang and Zhanglin He
  • April 27, 2020 at 4:00 PM

8 min. read

Web-Based Threats: First Half 2019

  • By Fang Liu, Tao Yan, Jin Chen, Rongbo Shao, Zhanglin He and Bo Qu
  • November 1, 2019 at 6:00 AM

8 min. read

Exploitation of Windows CVE-2019-0708 (BlueKeep): Three Ways to Write Data into Kernel with RDP PDU

  • By Tao Yan and Jin Chen
  • August 29, 2019 at 6:00 AM

13 min. read

Web-based Threats-2018 Q4: France Rises to #1 for Malicious URL Hosting, US #1 for Phishing

  • By Bo Qu, Tao Yan, Rongbo Shao and Zhanglin He
  • May 30, 2019 at 9:00 AM

6 min. read

Web-based Threats-2018 Q3: Malicious URLs and Domains take a Dip

  • By Bo Qu, Tao Yan, Rongbo Shao, Zhanglin He and Xingyu Jin
  • December 27, 2018 at 6:00 AM

7 min. read

New Wine in Old Bottle: New Azorult Variant Found in FindMyName Campaign using Fallout Exploit Kit

  • By Tao Yan, Xingyu Jin, Bo Qu and Zhanglin He
  • November 21, 2018 at 6:00 AM

10 min. read

Web-based Threats-2018 Q2: U.S. Remains #1 in Malicious Web Addresses, China Falls from #2 to #7

  • By Bo Qu, Tao Yan, Rongbo Shao and Zhanglin He
  • September 5, 2018 at 6:12 AM

11 min. read

The Old and New: Current Trends in Web-based Threats

  • By Tao Yan, Bo Qu, Zhanglin He and Rongbo Shao
  • June 20, 2018 at 5:00 AM

7 min. read

Phishing in a Nutshell: January – March 2018

  • By Tao Yan, Bo Qu and Zhanglin He
  • June 18, 2018 at 5:00 AM

5 min. read

A Dissection of the “EsteemAudit” Windows Remote Desktop Exploit

  • By Tao Yan
  • May 31, 2017 at 5:00 AM

20 min. read

The Latest Flash UAF Vulnerabilities in Exploit Kits

  • By Tao Yan
  • May 28, 2015 at 6:00 AM

11 min. read

© 2021 Palo Alto Networks, Inc. All rights reserved.