The DarkHydrus group has begun using a new version of the RogueRobin backdoor. This version is written in C# and in addition to using DNS Tunneling for command and control, can also use Google Drive.
On December 10, a new variant of the Disttrack malware was submitted to VirusTotal that shares a considerable amount of code with the Disttrack malware used in the Shamoon 2 attacks in 2016 and 2017.
“When it comes to realistic predictions for the year ahead, my philosophy is simple: there are certain trends that research shows will continue to move upward.” Ryan Olson, VP of Threat Intelligence, looks at what can be expected in 2019.
Sign up to receive the latest news, cyber threat intelligence and research from Unit 42
By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement.
The Sofacy group continued their global attack campaigns between October and November, primarily targeting NATO-aligned nation states and former USSR states and delivering Zebrocy or Cannon.
The benefits for enterprises moving to the cloud are clear: greater flexibility, agility, scalability and cost savings. However, adopting public cloud infrastructure can also magnify security risks and compliance challenges. Unit 42’s latest report examines the latest cloud security trends and tips.
Unit 42’s Don’t Panic Podcast returns with season 3.
Unit 42 uncovers a campaign leveraging a previously unreported customized dropper used to deliver lures primarily pertaining to the South Korean and North Korea region.
New Wine in Old Bottle: New Azorult Variant Found in FindMyName Campaign using Fallout Exploit Kit.
Unit 42’s continued look into Sofacy reveals global attacks and wheels out new ‘Cannon’ trojan.
Unit 42’s continued look into OilRig analyzes the group’s operational tempo, including testing, weaponization and attack delivery.
Inception targets Europe with year old office vulnerability. Read the full report.
Unit 42 reveals new techniques to uncover and attribute Cobalt Gang commodity builders and infrastructure. Read the full report.
New Unit 42 Threat Brief: learn why you should embrace mobile banking with caution.
Unit 42 examines how using machine learning-based techniques can discover new threats and block them before they can affect our customers.
Unit 42 investigates a recent Fake Flash update pushing cryptocurrency mining software. Get the full report.
Sign up to receive the latest news, cyber threat intelligence and research from Unit 42
By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement.