Posts tagged with: Advanced Threat Prevention

Wireshark Tutorial: Display Filter Expressions

  • By Brad Duncan
  • September 8, 2023 at 6:00 AM

12 min. read

RedLine Stealer: Answers to Unit Wireshark Quiz

  • By Brad Duncan
  • September 1, 2023 at 6:00 AM

11 min. read

Crossing the Line: Unit 42 Wireshark Quiz for RedLine Stealer

  • By Brad Duncan
  • August 18, 2023 at 6:00 AM

4 min. read

When a Zero Day and Access Keys Collide in the Cloud: Responding to the SugarCRM Zero-Day Vulnerability

  • By Margaret Zimmermann
  • August 10, 2023 at 3:15 PM

13 min. read

NodeStealer 2.0 – The Python Version: Stealing Facebook Business Accounts

  • By Lior Rochberger
  • August 1, 2023 at 6:00 AM

14 min. read

Threat Brief: RCE Vulnerability CVE-2023-3519 on Customer-Managed Citrix Servers

  • By Unit 42
  • July 28, 2023 at 4:00 PM

5 min. read

P2PInfect: The Rusty Peer-to-Peer Self-Replicating Worm

  • By William Gamazo and Nathaniel Quist
  • July 19, 2023 at 10:00 AM

11 min. read

Detecting Popular Cobalt Strike Malleable C2 Profile Techniques

  • By Durgesh Sangvikar, Matthew Tennis, Chris Navarrete, Yanhui Jia, Yu Fu and Nina Smith
  • June 27, 2023 at 3:00 PM

6 min. read

IoT Under Siege: The Anatomy of the Latest Mirai Campaign Leveraging Multiple IoT Exploits

  • By Chao Lei, Zhibin Zhang, Yiheng An and Cecilia Hu
  • June 22, 2023 at 6:00 AM

11 min. read

Threat Brief - MOVEit Transfer SQL Injection Vulnerabilities: CVE-2023-34362, CVE-2023-35036 and CVE-2023-35708 (Updated July 7)

  • By Unit 42
  • June 6, 2023 at 2:30 PM

7 min. read

Cold as Ice: Answers to Unit 42 Wireshark Quiz for IcedID

  • By Brad Duncan
  • May 30, 2023 at 6:00 AM

13 min. read

Old Wine in the New Bottle: Mirai Variant Targets Multiple IoT Devices

  • By Chao Lei, Zhibin Zhang and Cecilia Hu
  • May 25, 2023 at 6:00 AM

8 min. read

Threat Actors Rapidly Adopt Web3 IPFS Technology

  • By Amanda Tanner, Kristopher Bleich, Anthony Galiette and Joseph Opacki
  • April 19, 2023 at 6:00 AM

16 min. read

CryptoClippy Speaks Portuguese

  • By Veronika Senderovych, Amer Elsad and Anthony Galiette
  • April 5, 2023 at 3:00 AM

18 min. read

Threat Brief - CVE-2023-23397 - Microsoft Outlook Privilege Escalation

  • By Unit 42
  • March 31, 2023 at 12:06 AM

5 min. read