Posts tagged with: Advanced WildFire

Hacking Employers and Seeking Employment: Two Job-Related Campaigns Bear Hallmarks of North Korean Threat Actors

  • By Unit 42
  • November 21, 2023 at 6:00 AM

17 min. read

Stately Taurus Targets the Philippines As Tensions Flare in the South Pacific

  • By Unit 42
  • November 17, 2023 at 3:00 AM

6 min. read

Chinese APT Targeting Cambodian Government

  • By Unit 42
  • November 7, 2023 at 9:01 PM

5 min. read

Threat Brief: Citrix Bleed CVE-2023-4966

  • By Unit 42
  • November 1, 2023 at 3:00 PM

5 min. read

Conducting Robust Learning for Empire Command and Control Detection

  • By Qian Feng, Chris Navarrete, Yanhui Jia, Yu Fu, Iris Dai, Nina Smith and Brad Duncan
  • November 1, 2023 at 3:00 AM

10 min. read

Over the Kazuar’s Nest: Cracking Down on a Freshly Hatched Backdoor Used by Pensive Ursa (Aka Turla)

  • By Daniel Frank and Tom Fakterman
  • October 31, 2023 at 6:00 AM

20 min. read

When PAM Goes Rogue: Malware Uses Authentication Modules for Mischief

  • By Siddharth Sharma
  • October 26, 2023 at 6:00 AM

4 min. read

Blocking Dedicated Attacking Hosts Is Not Enough: In-Depth Analysis of a Worldwide Linux XorDDoS Campaign

  • By Zhanhao Chen, Chao Lei, Fang Liu, Yang Ji, Qi Deng, Royce Lu and Daiping Liu
  • October 16, 2023 at 6:00 AM

10 min. read

Threat Group Assessment: Turla (aka Pensive Ursa)

  • By Unit 42
  • September 15, 2023 at 6:00 AM

14 min. read

Why LaZagne Makes D-Bus API Vigilance Crucial

  • By Siddharth Sharma
  • August 24, 2023 at 6:00 AM

6 min. read

Detecting Popular Cobalt Strike Malleable C2 Profile Techniques

  • By Durgesh Sangvikar, Matthew Tennis, Chris Navarrete, Yanhui Jia, Yu Fu and Nina Smith
  • June 27, 2023 at 3:00 PM

6 min. read

Teasing the Secrets From Threat Actors: Malware Configuration Parsing at Scale

  • By Mark Lim, Daniel Raygoza and Bob Jung
  • May 3, 2023 at 6:00 AM

9 min. read

Tailoring Sandbox Techniques to Hidden Threats

  • By Esmid Idrizovic, Bob Jung, Daniel Raygoza and Sean Hughes
  • March 20, 2023 at 6:00 AM

9 min. read

Machine Learning Versus Memory Resident Evil

  • By Akshata Rao, Esmid Idrizovic, Sujit Rokka Chhetri, Bob Jung and Mark Lim
  • January 31, 2023 at 6:00 AM

12 min. read

Navigating the Vast Ocean of Sandbox Evasions

  • By Esmid Idrizovic, Bob Jung, Daniel Raygoza and Sean Hughes
  • December 27, 2022 at 6:00 AM

13 min. read

© 2023 Palo Alto Networks, Inc. All rights reserved.