Vulnerability Archives

A stylized portrayal of APT Fighting Ursa. The marks from bear claws in bright orange against the backdrop of a night sky.

3,214

people reacted

Fighting Ursa Aka APT28: Illuminating a Covert Campaign

By Unit 42
December 7, 2023 at 6:00 AM

6 min. read

A pictorial representation of a vulnerability like CVE-2023-36884, CVE-2023-36584,. A laptop screen displays lines of text. A magnifying glass examining the screen has within it a warning icon.

8,087

people reacted

In-Depth Analysis of July 2023 Exploit Chain Featuring CVE-2023-36884 and CVE-2023-36584

By Eli Birkan, Dan Yashnik, Oriel Cochavi, Bar Lahav and Mike Harbison
November 13, 2023 at 3:00 AM

18 min. read

A collection of icons representing the dangers of clickbait sites. Warning icons, a figure wearing a mask, phishing and more. The Palo Alto Networks and Unit 42 logos.

3,192

people reacted

High Traffic + High Vulnerability = an Attractive Target for Criminals: The Dangers of Viewing Clickbait Sites

By Shresta Bellary Seetharam, Tao Yan, Nabeel Mohamed, Tim Hofmockel, Alex Starov and Brad Duncan
November 9, 2023 at 12:00 PM

8 min. read

Fake CVE-2023-40477 Proof of Concept Leads to VenomRAT

9,994

people reacted

Fake CVE-2023-40477 Proof of Concept Leads to VenomRAT

By Robert Falcone
September 19, 2023 at 6:00 AM

10 min. read

Standard image for Unit 42 Threat Brief format, in this case covering CVE-2023-36884, Microsoft Office and Windows HTML Remote Code Execution

22,945

people reacted

CVE-2023-36884 - Microsoft Office and Windows HTML Remote Code Execution: Threat Brief (Updated)

By Unit 42
July 12, 2023 at 11:45 AM

4 min. read

A pictorial representation of vulnerabilities like CVE-2021-1732 and CVE-2022-21882

21,432

people reacted

Inside Win32k Exploitation: Analysis of CVE-2022-21882 and CVE-2021-1732

By Shawn Westfall
June 20, 2023 at 6:00 AM

37 min. read

25,623

people reacted

Inside Win32k Exploitation: Background on Implementations of Win32k and Exploitation Methodologies

By Shawn Westfall
June 13, 2023 at 6:00 AM

18 min. read

A pictorial representation of the Mirai Variant V3G4

68,577

people reacted

Mirai Variant V3G4 Targets IoT Devices

By Chao Lei, Zhibin Zhang, Cecilia Hu and Aveek Das
February 15, 2023 at 6:00 AM

9 min. read

A pictorial representation of network attack trends such as CVE-2021-35394 featuring a stylized bug on IoT-related products. The Palo Alto Networks and Unit 42 logos are included.

67,379

people reacted

Realtek SDK Vulnerability Attacks Highlight IoT Supply Chain Threats

By Yiheng An, Chao Lei, Adam Robbie, Aveek Das, Zhibin Zhang and Shehroze Farooqi
January 24, 2023 at 6:00 AM

8 min. read

A pictorial representation of a security vulnerability. It shows a checkmark on a shield within a crystal ball.

54,742

people reacted

Network Security Trends: August-October 2022

By Yiheng An
January 12, 2023 at 6:00 AM

8 min. read

A pictorial representation of the JsonWebToken vulnerability.

130,312

people reacted

Security Issue in JWT Secret Poisoning (Updated)

By Artur Oleyarsh
January 9, 2023 at 6:00 AM

8 min. read

Network security trends conceptual image

55,768

people reacted

Network Security Trends: May-July 2022

By Yiheng An
November 16, 2022 at 6:00 AM

7 min. read

Cloud vulnerabilities conceptual image, covering topics such as OpenLiteSpeed vulnerabilities

62,278

people reacted

Unit 42 Finds Three Vulnerabilities in OpenLiteSpeed Web Server

By Artur Avetisyan
November 10, 2022 at 6:00 AM

5 min. read

Threat brief image, covering vulnerabilities such as CVE-2022-3786 and CVE-2022-3602, OpenSSL X.509 Buffer Overflows

59,495

people reacted

Threat Brief: CVE-2022-3786 and CVE-2022-3602: OpenSSL X.509 Buffer Overflows

By Shawn Westfall
November 2, 2022 at 6:00 PM

7 min. read

Threat Brief Image for CVE-2022-41040, CVE-2022-41082, ProxyNotShell

79,845

people reacted

Threat Brief: CVE-2022-41040 and CVE-2022-41082: Microsoft Exchange Server (ProxyNotShell)

By Shawn Westfall
October 4, 2022 at 4:30 PM

110

8 min. read

Category: Vulnerability

Fighting Ursa Aka APT28: Illuminating a Covert Campaign

In-Depth Analysis of July 2023 Exploit Chain Featuring CVE-2023-36884 and CVE-2023-36584

High Traffic + High Vulnerability = an Attractive Target for Criminals: The Dangers of Viewing Clickbait Sites

Fake CVE-2023-40477 Proof of Concept Leads to VenomRAT

CVE-2023-36884 - Microsoft Office and Windows HTML Remote Code Execution: Threat Brief (Updated)

Inside Win32k Exploitation: Analysis of CVE-2022-21882 and CVE-2021-1732

Inside Win32k Exploitation: Background on Implementations of Win32k and Exploitation Methodologies

Mirai Variant V3G4 Targets IoT Devices

Realtek SDK Vulnerability Attacks Highlight IoT Supply Chain Threats

Network Security Trends: August-October 2022

Security Issue in JWT Secret Poisoning (Updated)

Network Security Trends: May-July 2022

Unit 42 Finds Three Vulnerabilities in OpenLiteSpeed Web Server

Threat Brief: CVE-2022-3786 and CVE-2022-3602: OpenSSL X.509 Buffer Overflows

Threat Brief: CVE-2022-41040 and CVE-2022-41082: Microsoft Exchange Server (ProxyNotShell)

Popular Resources

Legal Notices

Account

Trending

Popular Resources

Legal Notices

Account