Sign up to receive the latest news, cyber threat intelligence and research from Unit 42
VIDEO: Tips, Tricks, and Clues to Escape the LabyREnth CTF
Have you escaped the LabyREnth? Tips, tricks and clues to make your escape.
Posts created by: Tyler Halfpop
Kazuar: Multiplatform Espionage Backdoor with API Access
Unit 42 researchers have uncovered Kazuar, a backdoor Trojan used in an espionage campaign.
Sofacy’s ‘Komplex’ OS X Trojan
Unit 42 researchers identified a new OS X Trojan associated with the Sofacy group that we are now tracking with the ‘Komplex’ tag using the Palo Alto Networks AutoFocus threat intelligence platform. The Sofacy group, also known as APT28, Pawn Storm, Fancy Bear, and Sednit, continues to add to the variety of tools they use
Get updates on Unit 42
Sign up to receive the latest news, cyber threat intelligence and research from Unit 42
By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement.
PowerWare Ransomware Spoofing Locky Malware Family
Unit 42 has recently discovered a new variant of PowerWare, also known as PoshCoder, imitating the popular Locky ransomware family. PoshCoder has been encrypting files with PowerShell since 2014, and the new variant named PowerWare was reported in March 2016. The malware is responsible for encrypting files on a victim’s machine and demanding a ransom via the
Upatre: Old Dog, New [Anti-Analysis] Tricks
Malware authors must constantly iterate on their techniques in order to stay relevant in today’s fast moving Information Security environment. The Upatre downloader has been around for nearly three years and has consistently evolved its anti-analysis capabilities to better ensure payload delivery. Using Palo Alto Networks AutoFocus, we identified several thousand functionally identical Upatre binaries