Posts tagged with: Cortex

P2PInfect: The Rusty Peer-to-Peer Self-Replicating Worm

  • By William Gamazo and Nathaniel Quist
  • July 19, 2023 at 10:00 AM

11 min. read

Vice Society: Profiling a Persistent Threat to the Education Sector

  • By JR Gumarin
  • December 6, 2022 at 3:00 AM

13 min. read

Threat Assessment: Luna Moth Callback Phishing Campaign

  • By Kristopher Russo
  • November 21, 2022 at 3:00 AM

8 min. read

An AI Based Solution to Detecting the DoubleZero .NET Wiper

  • By Akshata Rao, Zong-Yu Wu and Wenjun Hu
  • November 18, 2022 at 6:00 PM

7 min. read

Typhon Reborn With New Capabilities

  • By Riley Porter and Uday Pratap Singh
  • November 14, 2022 at 6:00 AM

7 min. read

Cobalt Strike Analysis and Tutorial: Identifying Beacon Team Servers in the Wild

  • By Durgesh Sangvikar, Chris Navarrete, Matthew Tennis, Yanhui Jia, Yu Fu and Siddhart Shibiraj
  • November 3, 2022 at 6:00 AM

9 min. read

Threat Brief: CVE-2022-3786 and CVE-2022-3602: OpenSSL X.509 Buffer Overflows

  • By Shawn Westfall
  • November 2, 2022 at 6:00 PM

7 min. read

Banking Trojan Techniques: How Financially Motivated Malware Became Infrastructure

  • By Or Chechik
  • October 31, 2022 at 6:00 AM

10 min. read

Defeating Guloader Anti-Analysis Technique

  • By Mark Lim
  • October 28, 2022 at 6:00 AM

5 min. read

Ransom Cartel Ransomware: A Possible Connection With REvil

  • By Amer Elsad and Daniel Bunce
  • October 14, 2022 at 6:00 AM

17 min. read

Threat Brief: CVE-2022-41040 and CVE-2022-41082: Microsoft Exchange Server (ProxyNotShell)

  • By Shawn Westfall
  • October 4, 2022 at 4:30 PM

8 min. read

More Than Meets the Eye: Exposing a Polyglot File That Delivers IcedID

  • By Mark Lim
  • September 27, 2022 at 6:00 AM

4 min. read

Hunting for Unsigned DLLs to Find APTs

  • By Daniela Shalev and Itay Gamliel
  • September 26, 2022 at 6:00 AM

7 min. read

Domain Shadowing: A Stealthy Use of DNS Compromise for Cybercrime

  • By Janos Szurdi, Rebekah Houser and Daiping Liu
  • September 21, 2022 at 6:00 AM

7 min. read

OriginLogger: A Look at Agent Tesla’s Successor

  • By Jeff White
  • September 13, 2022 at 6:00 AM

14 min. read

© 2023 Palo Alto Networks, Inc. All rights reserved.