Cortex Archives

A conceptual image representing malware, such as the SolarMarker campaign discussed here.

30,287

people reacted

New SolarMarker (Jupyter) Campaign Demonstrates the Malware’s Changing Attack Patterns

By Shimi Cohen, Inbal Shalev and Irena Damsky
April 8, 2022 at 6:00 PM

262

8 min. read

A conceptual image representing malware, such as the OutSteel and SaintBot payloads that were observed as part of an attack targeting Ukrainian organizations.

33,701

people reacted

Spear Phishing Attacks Target Organizations in Ukraine, Payloads Include the Document Stealer OutSteel and the Downloader SaintBot

By Unit 42
February 25, 2022 at 5:30 PM

21 min. read

A conceptual image representing geopolitical cyber activity, such as what has been associated with Russia-Ukraine

85,878

people reacted

Russia-Ukraine Cyberattacks (Updated): How to Protect Against Related Cyberthreats Including DDoS, HermeticWiper, Gamaredon, Website Defacement, Phishing and Scams

By Unit 42
February 22, 2022 at 3:00 PM

273

13 min. read

A bear trap accompanied by symbols associated with Russia and Ukraine come together to form a conceptual image for Russia's Gamaredon, aka Primitive Bear, an APT targeting Ukraine.

73,508

people reacted

Russia’s Gamaredon aka Primitive Bear APT Group Actively Targeting Ukraine (Updated Feb. 16)

By Unit 42
February 3, 2022 at 1:00 PM

19 min. read

A conceptual image representing targeted attacks, including the type of malware discussed here, dropped by Excel add-ins and Office 4.0 macros.

37,775

people reacted

Weaponization of Excel Add-Ins Part 1: Malicious XLL Files and Agent Tesla Case Studies

By Yaron Samuel
January 25, 2022 at 6:00 AM

8 min. read

52,670

people reacted

Threat Brief: Ongoing Russia and Ukraine Cyber Conflict

By Robert Falcone, Mike Harbison and Josh Grunzweig
January 20, 2022 at 12:30 PM

8 min. read

A conceptual image representing THOR, a previously unseen PlugX variant deployed by the PKPLUG Group. The image features a Panda because PKPLUG is also known as Mustang Panda. It also features the logos of Palo Alto Networks and Unit 42.

51,565

people reacted

THOR: Previously Unseen PlugX Variant Deployed During Microsoft Exchange Server Attacks by PKPLUG Group

By Mike Harbison and Alex Hinchliffe
July 27, 2021 at 12:00 PM

13 min. read

29,406

people reacted

Evade Sandboxes With a Single Bit – the Trap Flag

By Mark Lim
July 19, 2021 at 3:30 PM

5 min. read

A conceptual image representing espionage, such as the attempted (but unsuccessful) credential harvesting discussed here.

31,454

people reacted

Actor Exploits Microsoft Exchange Server Vulnerabilities, Cortex XDR Blocks Harvesting of Credentials

By Robert Falcone
April 15, 2021 at 6:00 AM

8 min. read

Threat brief conceptual image, covering analysis and mitigations of vulnerabilities such as CVE-2021-24074, CVE-2021-24086 and CVE-2021-24094

45,104

people reacted

Threat Brief: Windows IPv4 and IPv6 Stack Vulnerabilities (CVE-2021-24074, CVE-2021-24086 and CVE-2021-24094)

By Abisheik Ganesan
February 9, 2021 at 2:30 PM

6 min. read

Conceptual image illustrating WastedLocker ransomware

38,012

people reacted

Threat Assessment: WastedLocker Ransomware

By Alex Hinchliffe, Doel Santos, Adrian McCabe and Robert Falcone
July 30, 2020 at 6:00 AM

4 min. read

39,604

people reacted

Evolution of Valak, from Its Beginnings to Mass Distribution

By Brad Duncan
July 24, 2020 at 12:00 PM

11 min. read

A conceptual illustration showing a world map along with icons representing malware and other tools used by malicious actors

44,683

people reacted

OilRig Targets Middle Eastern Telecommunications Organization and Adds Novel C2 Channel with Steganography to Its Inventory

By Robert Falcone
July 22, 2020 at 6:00 AM

18 min. read

22,683

people reacted

Threat Brief: Microsoft DNS Server Wormable Vulnerability CVE-2020-1350

By Mike Harbison and Brandon Young
July 21, 2020 at 11:30 AM

< 1 min. read

34,769

people reacted

Cortex XDR™ Detects New Phishing Campaign Installing NetSupport Manager RAT

By Mike Harbison, Brittany Barbehenn and Bryan Lee
February 27, 2020 at 6:00 AM

9 min. read

Posts tagged with: Cortex

New SolarMarker (Jupyter) Campaign Demonstrates the Malware’s Changing Attack Patterns

Spear Phishing Attacks Target Organizations in Ukraine, Payloads Include the Document Stealer OutSteel and the Downloader SaintBot

Russia-Ukraine Cyberattacks (Updated): How to Protect Against Related Cyberthreats Including DDoS, HermeticWiper, Gamaredon, Website Defacement, Phishing and Scams

Russia’s Gamaredon aka Primitive Bear APT Group Actively Targeting Ukraine (Updated Feb. 16)

Weaponization of Excel Add-Ins Part 1: Malicious XLL Files and Agent Tesla Case Studies

Threat Brief: Ongoing Russia and Ukraine Cyber Conflict

THOR: Previously Unseen PlugX Variant Deployed During Microsoft Exchange Server Attacks by PKPLUG Group

Evade Sandboxes With a Single Bit – the Trap Flag

Actor Exploits Microsoft Exchange Server Vulnerabilities, Cortex XDR Blocks Harvesting of Credentials

Threat Brief: Windows IPv4 and IPv6 Stack Vulnerabilities (CVE-2021-24074, CVE-2021-24086 and CVE-2021-24094)

Threat Assessment: WastedLocker Ransomware

Evolution of Valak, from Its Beginnings to Mass Distribution

OilRig Targets Middle Eastern Telecommunications Organization and Adds Novel C2 Channel with Steganography to Its Inventory

Threat Brief: Microsoft DNS Server Wormable Vulnerability CVE-2020-1350

Cortex XDR™ Detects New Phishing Campaign Installing NetSupport Manager RAT

Popular Resources

Legal Notices

Account

Trending

Popular Resources

Legal Notices

Account