Logo
Unit42 Logo
  • Tools
  • ATOMs
  • Security Consulting
  • About Us
  • Under Attack?

Posts created by: Tao Yan

Trends in Web Threats in CY Q2 2022: Malicious JavaScript Downloaders Are EvolvingTrends conceptual image, covering web threat trends such as the evolution of a malicious JavaScript downloader.
49,221
people reacted

Trends in Web Threats in CY Q2 2022: Malicious JavaScript Downloaders Are Evolving

  • By Cecilia Hu, Tao Yan, Jin Chen and Taojie Wang
  • October 26, 2022 at 6:00 AM

8

8 min. read

Trends in Web Threats: Old Web Skimmer Still Active TodayWeb Threat Trends conceptual image
46,440
people reacted

Trends in Web Threats: Old Web Skimmer Still Active Today

  • By Cecilia Hu, Tao Yan, Zhanhao Chen, Jin Chen and Taojie Wang
  • October 21, 2022 at 6:00 AM

8

9 min. read

Trending

  • Machine Learning Versus Memory Resident Evil by Esmid Idrizovic
Threat Brief: Microsoft Critical Vulnerabilities (CVE-2022-26809, CVE-2022-26923, CVE-2022-26925)Threat brief cover image for overviews of vulnerabilities such as CVE-2022-26809, CVE-2022-26923 and CVE-2022-26925
56,776
people reacted

Threat Brief: Microsoft Critical Vulnerabilities (CVE-2022-26809, CVE-2022-26923, CVE-2022-26925)

  • By Chao Lei, Tao Yan, Haozhe Zhang and Qi Deng
  • July 27, 2022 at 4:00 PM

51

6 min. read

Trends in Web Threats: Attackers Were More Active During Holiday SeasonA conceptual image representing trends, including the trends in web threats discussed here, including trends in web threats landing URLs and web threats malicious host URLs
29,955
people reacted

Trends in Web Threats: Attackers Were More Active During Holiday Season

  • By Cecilia Hu, Tao Yan, Jin Chen and Taojie Wang
  • April 11, 2022 at 6:00 AM

18

10 min. read

CVE-2022-22965: Spring Core Remote Code Execution Vulnerability Exploited In the Wild (SpringShell) (Updated)A conceptual image representing a vulnerability, such as CVE-2022-22965, aka SpringShell, discussed here.
99,526
people reacted

CVE-2022-22965: Spring Core Remote Code Execution Vulnerability Exploited In the Wild (SpringShell) (Updated)

  • By Haozhe Zhang, Ken Hsu, Tao Yan, Qi Deng and Robert Falcone
  • March 31, 2022 at 4:30 PM

87

12 min. read

The Year in Web Threats: Web Skimmers Take Advantage of Cloud Hosting and MoreA conceptual image representing cybercrime, such as the web skimmers discussed in this piece on top web threats.
39,585
people reacted

The Year in Web Threats: Web Skimmers Take Advantage of Cloud Hosting and More

  • By Cecilia Hu, Tao Yan, Taojie Wang and Jin Chen
  • January 13, 2022 at 6:00 PM

19

8 min. read

A New Web Skimmer Campaign Targets Real Estate Websites Through Attacking Cloud Video Distribution Supply ChainA conceptual image representing malicious code, such as the web skimmer malicious JavaScript code injected into video as described here.
62,276
people reacted

A New Web Skimmer Campaign Targets Real Estate Websites Through Attacking Cloud Video Distribution Supply Chain

  • By Taojie Wang, Jin Chen and Tao Yan
  • January 3, 2022 at 12:00 PM

22

10 min. read

Another Apache Log4j Vulnerability Is Actively Exploited in the Wild (CVE-2021-44228) (Updated)A conceptual image representing a vulnerability, such as the Apache log4j remote code execution vulnerability discussed here, CVE-2021-44228.
293,189
people reacted

Another Apache Log4j Vulnerability Is Actively Exploited in the Wild (CVE-2021-44228) (Updated)

  • By Tao Yan, Qi Deng, Haozhe Zhang, Yu Fu, Josh Grunzweig, Mike Harbison and Robert Falcone
  • December 10, 2021 at 1:00 PM

468

15 min. read

Palo Alto Networks Discloses New Attack Surface Targeting Microsoft IIS and SQL Server at Black Hat Asia 2021A conceptual image representing an adversary. The new attack surface discussed here is an example of what can be possible for an adversary able to perform remote attacks.
37,977
people reacted

Palo Alto Networks Discloses New Attack Surface Targeting Microsoft IIS and SQL Server at Black Hat Asia 2021

  • By Tao Yan, Qi Deng, Bo Qu and Zhibin Zhang
  • July 30, 2021 at 3:00 PM

45

7 min. read

Exploitation of Windows RDP Vulnerability CVE-2019-0708 (BlueKeep): Get RCE with System Privilege Using Refresh Rect PDU and RDPDR Client Name Request PDUThe conceptual image illustrates the concept of an exploit, such as that described here for Windows RDP Vulnerability CVE-2019-0708 (BlueKeep).
38,286
people reacted

Exploitation of Windows RDP Vulnerability CVE-2019-0708 (BlueKeep): Get RCE with System Privilege Using Refresh Rect PDU and RDPDR Client Name Request PDU

  • By Tao Yan and Jin Chen
  • December 7, 2020 at 6:00 AM

29

10 min. read

A Closer Look at the Web SkimmerA conceptual illustration representing malware
31,030
people reacted

A Closer Look at the Web Skimmer

  • By Jin Chen, Tao Yan, Taojie Wang and Yu Fu
  • November 9, 2020 at 6:00 AM

20

7 min. read

Top Alexa Sites Infected With Malicious Coinminers and Web SkimmerVulnerabilities in websites, as conceptualized in this image, can include malicious coinminers and web skimmers.
31,992
people reacted

Top Alexa Sites Infected With Malicious Coinminers and Web Skimmer

  • By Taojie Wang, Jin Chen, Tao Yan and Zhanglin He
  • October 1, 2020 at 6:00 AM

26

8 min. read

Script-Based Malware: A New Attacker Trend on Internet ExplorerThis conceptual image represents Remote Access Trojans, such as the one examined here as an example of script-based malware.
38,646
people reacted

Script-Based Malware: A New Attacker Trend on Internet Explorer

  • By Edouard Bochin, Tao Yan, Jin Chen and Fang Liu
  • August 11, 2020 at 6:00 AM

34

10 min. read

Anatomy of Formjacking Attacks
29,232
people reacted

Anatomy of Formjacking Attacks

  • By Jin Chen, Tao Yan, Taojie Wang and Zhanglin He
  • April 27, 2020 at 4:00 PM

22

8 min. read

Web-Based Threats: First Half 2019
31,553
people reacted

Web-Based Threats: First Half 2019

  • By Fang Liu, Tao Yan, Jin Chen, Rongbo Shao, Zhanglin He and Bo Qu
  • November 1, 2019 at 6:00 AM

28

8 min. read

Popular Resources

  • Resource Center
  • Blog
  • Communities
  • Tech Docs
  • Unit 42
  • Sitemap

Legal Notices

  • Privacy
  • Terms of Use
  • Documents

Account

  • Manage Subscriptions
  •  
  • Report a Vulnerability

© 2023 Palo Alto Networks, Inc. All rights reserved.