Unit 42 Archives

A conceptual image representing ransomware, such as the DarkSide ransomware discussed in this post.

6,145

people reacted

DarkSide Ransomware Gang: An Overview

By Ramarcus Baylor
May 12, 2021 at 1:00 PM

8 min. read

A conceptual image representing cloud providers. As described in the article, now that so much data is located in the cloud, organizations that don't set up proper controls on the movement of data can be vulnerable to file transfer threats resulting in data theft or data loss.

7,351

people reacted

File Transfer Threats: Risk Factors and How Network Traffic Visibility Can Help

By Saeed Abbasi
May 5, 2021 at 6:00 AM

5 min. read

A conceptual image representing malicious domains, such as those that can be identified by the proactive detector discussed in this piece.

8,105

people reacted

Detecting and Preventing Malicious Domains Proactively with DNS Security

By Zhanhao Chen and Daiping Liu
May 4, 2021 at 6:00 AM

11 min. read

A conceptual image representing the new cryptocurrency stealer, WeSteal.

14,698

people reacted

New Shameless Commodity Cryptocurrency Stealer (WeSteal) and Commodity RAT (WeControl)

By Robert Falcone and Simon Conant
April 29, 2021 at 12:01 AM

9 min. read

A conceptual image representing Kubernetes topics, including the unsecured Kubernetes instances discussed here.

13,125

people reacted

Unsecured Kubernetes Instances Could Be Vulnerable to Exploitation

By Jay Chen, Aviv Sasson and Ariel Zelivansky
April 23, 2021 at 5:40 PM

11 min. read

10,028

people reacted

Threat Brief: Codecov Bash Uploader

By Unit 42
April 23, 2021 at 2:00 PM

< 1 min. read

17,001

people reacted

Are Your Nagios XI Servers Turning Into Cryptocurrency Miners for Attackers?

By Haozhe Zhang, Vaibhav Singhal, Zhibin Zhang and Qi Deng
April 15, 2021 at 11:44 AM

6 min. read

A conceptual image representing espionage, such as the attempted (but unsuccessful) credential harvesting discussed here.

18,080

people reacted

Actor Exploits Microsoft Exchange Server Vulnerabilities, Cortex XDR Blocks Harvesting of Credentials

By Robert Falcone
April 15, 2021 at 6:00 AM

8 min. read

A conceptual image representing container security, such as that affected by CVE-2021-20291, discussed in this post

16,134

people reacted

New Vulnerability Affecting Container Engines CRI-O and Podman (CVE-2021-20291)

By Aviv Sasson
April 14, 2021 at 6:00 AM

4 min. read

A conceptual image representing ransomware, such as the Clop ransomware family discussed in this threat assessment.

16,235

people reacted

Threat Assessment: Clop Ransomware

By Doel Santos
April 13, 2021 at 8:00 AM

6 min. read

15,538

people reacted

Network Attack Trends: Internet of Threats (November 2020-January 2021)

By Lei Xu, Yue Guan and Vaibhav Singhal
April 12, 2021 at 10:37 AM

8 min. read

A conceptual image representing the concept of malware, such as that covered in this case study of Emotet Command and Control traffic.

18,536

people reacted

Emotet Command and Control Case Study

By Chris Navarrete and Yanhui Jia
April 9, 2021 at 12:00 PM

9 min. read

16,893

people reacted

Attackers Conducting Cryptojacking Operation Against U.S. Education Organizations

By Ken Hsu, Vaibhav Singhal and Zhibin Zhang
April 8, 2021 at 12:29 PM

5 min. read

The word "Tutorial," superimposed over an image used in the Wireshark Tutorial series.

19,690

people reacted

Wireshark Tutorial: Examining Traffic from Hancitor Infections

By Brad Duncan
April 7, 2021 at 6:00 AM

20 min. read

Cover image for the Unit 42 Cloud Threat Report, 1H 2021, which covers trends in issues related to cloud security.

16,398

people reacted

Highlights from the Unit 42 Cloud Threat Report, 1H 2021

By Unit 42
April 6, 2021 at 3:00 AM

2 min. read

Category: Unit 42

DarkSide Ransomware Gang: An Overview

File Transfer Threats: Risk Factors and How Network Traffic Visibility Can Help

Detecting and Preventing Malicious Domains Proactively with DNS Security

New Shameless Commodity Cryptocurrency Stealer (WeSteal) and Commodity RAT (WeControl)

Unsecured Kubernetes Instances Could Be Vulnerable to Exploitation

Threat Brief: Codecov Bash Uploader

Are Your Nagios XI Servers Turning Into Cryptocurrency Miners for Attackers?

Actor Exploits Microsoft Exchange Server Vulnerabilities, Cortex XDR Blocks Harvesting of Credentials

New Vulnerability Affecting Container Engines CRI-O and Podman (CVE-2021-20291)

Threat Assessment: Clop Ransomware

Network Attack Trends: Internet of Threats (November 2020-January 2021)

Emotet Command and Control Case Study

Attackers Conducting Cryptojacking Operation Against U.S. Education Organizations

Wireshark Tutorial: Examining Traffic from Hancitor Infections

Highlights from the Unit 42 Cloud Threat Report, 1H 2021

Popular Resources

Legal Notices

Account

Trending

Popular Resources

Legal Notices

Account