Over the Kazuar’s Nest: Cracking Down on a Freshly Hatched Backdoor Used by Pensive Ursa (Aka Turla) 5,866 people reacted Over the Kazuar’s Nest: Cracking Down on a Freshly Hatched Backdoor Used by Pensive Ursa (Aka Turla) By Daniel Frank and Tom Fakterman October 31, 2023 at 6:00 AM 14 20 min. read
Rare Backdoors Suspected to be Tied to Gelsemium APT Found in Targeted Attack in Southeast Asian Government 5,496 people reacted Rare Backdoors Suspected to be Tied to Gelsemium APT Found in Targeted Attack in Southeast Asian Government By Lior Rochberger, Tom Fakterman and Robert Falcone September 22, 2023 at 6:05 AM 27 8 min. read
Cyberespionage Attacks Against Southeast Asian Government Linked to Stately Taurus, Aka Mustang Panda 6,322 people reacted Cyberespionage Attacks Against Southeast Asian Government Linked to Stately Taurus, Aka Mustang Panda By Lior Rochberger, Tom Fakterman and Robert Falcone September 22, 2023 at 6:03 AM 17 12 min. read
Chinese Playful Taurus Activity in Iran 75,598 people reacted Chinese Playful Taurus Activity in Iran By Unit 42 January 18, 2023 at 3:00 AM 67 9 min. read
Threat Brief: OWASSRF Vulnerability Exploitation 64,642 people reacted Threat Brief: OWASSRF Vulnerability Exploitation By Robert Falcone and Lior Rochberger December 22, 2022 at 5:30 PM 15 9 min. read
GALLIUM Expands Targeting Across Telecommunications, Government and Finance Sectors With New PingPull Tool 76,280 people reacted GALLIUM Expands Targeting Across Telecommunications, Government and Finance Sectors With New PingPull Tool By Unit 42 June 13, 2022 at 3:00 AM 42 10 min. read
Popping Eagle: How We Leveraged Global Analytics to Discover a Sophisticated Threat Actor 45,835 people reacted Popping Eagle: How We Leveraged Global Analytics to Discover a Sophisticated Threat Actor By Yuval Zan and Chen Evgi June 2, 2022 at 3:00 PM 24 12 min. read
New SolarMarker (Jupyter) Campaign Demonstrates the Malware’s Changing Attack Patterns 50,594 people reacted New SolarMarker (Jupyter) Campaign Demonstrates the Malware’s Changing Attack Patterns By Shimi Cohen, Inbal Shalev and Irena Damsky April 8, 2022 at 6:00 PM 299 8 min. read
SockDetour – a Silent, Fileless, Socketless Backdoor – Targets U.S. Defense Contractors 60,490 people reacted SockDetour – a Silent, Fileless, Socketless Backdoor – Targets U.S. Defense Contractors By Unit 42 February 24, 2022 at 6:00 AM 20 9 min. read
Targeted Attack Campaign Against ManageEngine ADSelfService Plus Delivers Godzilla Webshells, NGLite Trojan and KdcSponge Stealer 114,027 people reacted Targeted Attack Campaign Against ManageEngine ADSelfService Plus Delivers Godzilla Webshells, NGLite Trojan and KdcSponge Stealer By Robert Falcone, Jeff White and Peter Renals November 7, 2021 at 6:00 PM 69 18 min. read
xHunt Campaign: Newly Discovered Backdoors Using Deleted Email Drafts and DNS Tunneling for Command and Control 49,822 people reacted xHunt Campaign: Newly Discovered Backdoors Using Deleted Email Drafts and DNS Tunneling for Command and Control By Robert Falcone November 9, 2020 at 12:00 AM 35 12 min. read
51,159 people reacted The New and Improved macOS Backdoor from OceanLotus By Erye Hernandez and Danny Tsechansky June 22, 2017 at 10:00 AM 12 9 min. read
