Threat Brief: ConnectWise ScreenConnect Vulnerabilities (CVE-2024-1708 and CVE-2024-1709) 6,327 people reacted Threat Brief: ConnectWise ScreenConnect Vulnerabilities (CVE-2024-1708 and CVE-2024-1709) By Unit 42 February 21, 2024 at 5:00 PM 6 5 min. read
2024 Unit 42 Incident Response Report: Navigating the Shift in Cybersecurity Threat Tactics 5,343 people reacted 2024 Unit 42 Incident Response Report: Navigating the Shift in Cybersecurity Threat Tactics By Unit 42 February 20, 2024 at 6:12 AM 16 5 min. read
New Vulnerability in QNAP QTS Firmware: CVE-2023-50358 4,599 people reacted New Vulnerability in QNAP QTS Firmware: CVE-2023-50358 By Chao Lei, Jeff Luo and Zhibin Zhang February 13, 2024 at 3:00 AM 8 5 min. read
Ransomware Retrospective 2024: Unit 42 Leak Site Analysis 8,807 people reacted Ransomware Retrospective 2024: Unit 42 Leak Site Analysis By Doel Santos February 5, 2024 at 3:00 AM 16 17 min. read
Medusa Ransomware Turning Your Files into Stone 10,567 people reacted Medusa Ransomware Turning Your Files into Stone By Anthony Galiette and Doel Santos January 11, 2024 at 6:00 AM 17 16 min. read
Threat Brief: Citrix Bleed CVE-2023-4966 9,117 people reacted Threat Brief: Citrix Bleed CVE-2023-4966 By Unit 42 November 1, 2023 at 3:00 PM 18 5 min. read
Threat Brief: Cisco IOS XE Web UI Privilege Escalation Vulnerability (Updated) 7,921 people reacted Threat Brief: Cisco IOS XE Web UI Privilege Escalation Vulnerability (Updated) By Unit 42 October 18, 2023 at 5:30 PM 77 4 min. read
Threat Brief - MOVEit Transfer SQL Injection Vulnerabilities: CVE-2023-34362, CVE-2023-35036 and CVE-2023-35708 (Updated Oct 4) 50,873 people reacted Threat Brief - MOVEit Transfer SQL Injection Vulnerabilities: CVE-2023-34362, CVE-2023-35036 and CVE-2023-35708 (Updated Oct 4) By Unit 42 October 4, 2023 at 6:00 AM 69 10 min. read
CL0P Seeds ^_- Gotta Catch Em All! 6,579 people reacted CL0P Seeds ^_- Gotta Catch Em All! By Jeff White September 29, 2023 at 4:00 AM 16 18 min. read
Threat Brief: Multiple Vulnerabilities Including Zero-Day Remote Unauthenticated API Access – CVE-2023-35078 – in Ivanti Endpoint Manager Mobile (Updated) 7,008 people reacted Threat Brief: Multiple Vulnerabilities Including Zero-Day Remote Unauthenticated API Access – CVE-2023-35078 – in Ivanti Endpoint Manager Mobile (Updated) By Unit 42 July 28, 2023 at 5:42 PM 15 8 min. read
Threat Brief: 3CXDesktopApp Supply Chain Attack (Updated) 80,012 people reacted Threat Brief: 3CXDesktopApp Supply Chain Attack (Updated) By Robert Falcone and Josh Grunzweig March 30, 2023 at 12:50 PM 29 8 min. read
Threat Brief: CVE-2022-3786 and CVE-2022-3602: OpenSSL X.509 Buffer Overflows 59,977 people reacted Threat Brief: CVE-2022-3786 and CVE-2022-3602: OpenSSL X.509 Buffer Overflows By Shawn Westfall November 2, 2022 at 6:00 PM 18 7 min. read
Threat Brief: CVE-2022-41040 and CVE-2022-41082: Microsoft Exchange Server (ProxyNotShell) 80,589 people reacted Threat Brief: CVE-2022-41040 and CVE-2022-41082: Microsoft Exchange Server (ProxyNotShell) By Shawn Westfall October 4, 2022 at 4:30 PM 110 8 min. read