Logo
Unit42 Logo
  • Tools
  • ATOMs
  • Security Consulting
  • About Us
  • Under Attack?

Posts tagged with: vulnerabilities

Container Escape to Shadow Admin: GKE Autopilot VulnerabilitiesA conceptual image representing Kubernetes security, including the GKE Autopilot vulnerabilities discussed here, which, before fixed, could have allowed for container escape leading to a shadow administrator.
50,005
people reacted

Container Escape to Shadow Admin: GKE Autopilot Vulnerabilities

  • By Yuval Avrahami
  • March 8, 2022 at 6:00 AM

34

14 min. read

New Linux Vulnerability CVE-2022-0492 Affecting Cgroups: Can Containers Escape?A conceptual image representing container security issues, such as CVE-2022-0492, the Linux vulnerability discussed here.
86,631
people reacted

New Linux Vulnerability CVE-2022-0492 Affecting Cgroups: Can Containers Escape?

  • By Yuval Avrahami
  • March 3, 2022 at 10:00 AM

50

9 min. read

Trending

  • Unit 42 Ransomware and Extortion Report Highlights: Multi-Extortion Tactics Continue to Rise by Unit 42
  • Tailoring Sandbox Techniques to Hidden Threats by Esmid Idrizovic
  • Malicious JavaScript Injection Campaign Infects 51k Websites by Brody Kutt
  • Finding Gozi: Unit 42 Wireshark Quiz, March 2023 by Brad Duncan
Threat Brief: Ongoing Russia and Ukraine Cyber ActivityA conceptual image representing cyber conflict such as the use of CVE-2021-32648 and WhisperGate currently targeting Ukraine.
77,082
people reacted

Threat Brief: Ongoing Russia and Ukraine Cyber Activity

  • By Robert Falcone, Mike Harbison and Josh Grunzweig
  • January 20, 2022 at 12:30 PM

54

8 min. read

Another Apache Log4j Vulnerability Is Actively Exploited in the Wild (CVE-2021-44228) (Updated)A conceptual image representing a vulnerability, such as the Apache log4j remote code execution vulnerability discussed here, CVE-2021-44228.
298,041
people reacted

Another Apache Log4j Vulnerability Is Actively Exploited in the Wild (CVE-2021-44228) (Updated)

  • By Tao Yan, Qi Deng, Haozhe Zhang, Yu Fu, Josh Grunzweig, Mike Harbison and Robert Falcone
  • December 10, 2021 at 1:00 PM

469

15 min. read

Network Security Trends: May-July 2021A conceptual image representing trends, such as those covered in our post on network security trends from May-July 2021.
46,644
people reacted

Network Security Trends: May-July 2021

  • By Yue Guan and Lei Xu
  • September 17, 2021 at 3:00 PM

13

9 min. read

Threat Brief: OMI Vulnerabilities (CVE-2021-38645, CVE-2021-38647, CVE-2021-38648 and CVE-2021-38649)A conceptual image associated with the threat brief series, such as this post covering recent OMI vulnerabilities and how to remediate.
45,994
people reacted

Threat Brief: OMI Vulnerabilities (CVE-2021-38645, CVE-2021-38647, CVE-2021-38648 and CVE-2021-38649)

  • By Nathaniel Quist
  • September 16, 2021 at 12:00 PM

30

2 min. read

Finding Azurescape – Cross-Account Container Takeover in Azure Container InstancesA conceptual image illustrating vulnerabilities related to containers and Kubernetes, such as Azurescape, the cross-account container takeover in Azure Container Instances discussed here.
99,721
people reacted

Finding Azurescape – Cross-Account Container Takeover in Azure Container Instances

  • By Yuval Avrahami
  • September 9, 2021 at 3:00 AM

101

14 min. read

Threat Brief: CVE-2021-26084A conceptual image representing vulnerabilities, such as CVE-2021-26084, discussed here.
42,209
people reacted

Threat Brief: CVE-2021-26084

  • By Unit 42
  • September 3, 2021 at 12:20 PM

23

2 min. read

New Mirai Variant Targets WebSVN Command Injection Vulnerability (CVE-2021-32305)A conceptual image representing a vulnerability, such as CVE-2021-32305, discussed in this post.
40,836
people reacted

New Mirai Variant Targets WebSVN Command Injection Vulnerability (CVE-2021-32305)

  • By Brock Mammen and Haozhe Zhang
  • August 30, 2021 at 6:00 AM

32

5 min. read

New eCh0raix Ransomware Variant Targets QNAP and Synology Network-Attached Storage DevicesA conceptual image representing the network-attached devices common in the small office and home office that are being targeted by the eCh0raix ransomware variant.
58,249
people reacted

New eCh0raix Ransomware Variant Targets QNAP and Synology Network-Attached Storage Devices

  • By Ruchna Nigam, Haozhe Zhang and Zhibin Zhang
  • August 10, 2021 at 3:00 AM

43

12 min. read

Palo Alto Networks Discloses New Attack Surface Targeting Microsoft IIS and SQL Server at Black Hat Asia 2021A conceptual image representing an adversary. The new attack surface discussed here is an example of what can be possible for an adversary able to perform remote attacks.
38,831
people reacted

Palo Alto Networks Discloses New Attack Surface Targeting Microsoft IIS and SQL Server at Black Hat Asia 2021

  • By Tao Yan, Qi Deng, Bo Qu and Zhibin Zhang
  • July 30, 2021 at 3:00 PM

46

7 min. read

What Can You Learn From a “Wiped” Computer With Digital Forensics?Learn From a Wiped Computer with Digital Forensics
36,337
people reacted

What Can You Learn From a “Wiped” Computer With Digital Forensics?

  • By Michael Savitz
  • May 27, 2021 at 12:00 AM

27

4 min. read

Are Your Nagios XI Servers Turning Into Cryptocurrency Miners for Attackers?
41,589
people reacted

Are Your Nagios XI Servers Turning Into Cryptocurrency Miners for Attackers?

  • By Haozhe Zhang, Vaibhav Singhal, Zhibin Zhang and Qi Deng
  • April 15, 2021 at 11:44 AM

27

6 min. read

New Vulnerability Affecting Container Engines CRI-O and Podman (CVE-2021-20291)A conceptual image representing container security, such as that affected by CVE-2021-20291, discussed in this post
40,250
people reacted

New Vulnerability Affecting Container Engines CRI-O and Podman (CVE-2021-20291)

  • By Aviv Sasson
  • April 14, 2021 at 6:00 AM

21

4 min. read

Network Attack Trends: Internet of Threats (November 2020-January 2021)
37,074
people reacted

Network Attack Trends: Internet of Threats (November 2020-January 2021)

  • By Lei Xu, Yue Guan and Vaibhav Singhal
  • April 12, 2021 at 10:37 AM

30

8 min. read

Popular Resources

  • Resource Center
  • Blog
  • Communities
  • Tech Docs
  • Unit 42
  • Sitemap

Legal Notices

  • Privacy
  • Terms of Use
  • Documents

Account

  • Manage Subscriptions
  •  
  • Report a Vulnerability

© 2023 Palo Alto Networks, Inc. All rights reserved.