DNS security Archives

A stylized portrayal of APT Fighting Ursa. The marks from bear claws in bright orange against the backdrop of a night sky.

3,205

people reacted

Fighting Ursa Aka APT28: Illuminating a Covert Campaign

By Unit 42
December 7, 2023 at 6:00 AM

6 min. read

A pictorial representation of malware like Agent Racoon, Ntospy and Mimilite. An open laptop against a blue background is flanked by exclamation points. On the laptop screen are overlapping windows with a bug icon representing the malware.

8,069

people reacted

New Tool Set Found Used Against Organizations in the Middle East, Africa and the US

By Chema Garcia
December 1, 2023 at 3:00 AM

14 min. read

A pictorial representation of Stately Taurus. The head of a bull inset on a red circle. The constellation of taurus. These elements are surrounded by a starry night sky.

7,012

people reacted

Stately Taurus Targets the Philippines As Tensions Flare in the South Pacific

By Unit 42
November 17, 2023 at 3:00 AM

6 min. read

A pictorial representation of a Chinese APT targeting Cambodian government entities. A world map with location markers. Around it are icon of types of attacks: bugs, hacking, and other indicators of tools such as graphs.

9,210

people reacted

Chinese APT Targeting Cambodian Government

By Unit 42
November 7, 2023 at 9:01 PM

5 min. read

A pictorial representation of malware distributed via D-Bus API attacks. An open laptop against an orange background is flanked by exclamation points. On the laptop screen are overlapping windows with a bug icon representing the malware.

4,828

people reacted

Blocking Dedicated Attacking Hosts Is Not Enough: In-Depth Analysis of a Worldwide Linux XorDDoS Campaign

By Zhanhao Chen, Chao Lei, Fang Liu, Yang Ji, Qi Deng, Royce Lu and Daiping Liu
October 16, 2023 at 6:00 AM

10 min. read

10,061

people reacted

Understanding DNS Tunneling Traffic in the Wild

By Ruian Duan and Daiping Liu
October 13, 2023 at 4:00 PM

11 min. read

A pictorial representation of an adversary such as an actor linked to Gelsemium that targeted a Southeast Asian government.

5,541

people reacted

Rare Backdoors Suspected to be Tied to Gelsemium APT Found in Targeted Attack in Southeast Asian Government

By Lior Rochberger, Tom Fakterman and Robert Falcone
September 22, 2023 at 6:05 AM

8 min. read

A pictorial representation of an adversary such as a cluster linked to Alloy Taurus.

3,021

people reacted

Persistent Attempts at Cyberespionage Against Southeast Asian Government Target Have Links to Alloy Taurus

By Lior Rochberger, Tom Fakterman and Robert Falcone
September 22, 2023 at 6:02 AM

13 min. read

A pictorial representation of an adversary such as the three attack clusters that targeted a Southeast Asian government.

5,132

people reacted

Unit 42 Researchers Discover Multiple Espionage Operations Targeting Southeast Asian Government

By Lior Rochberger, Tom Fakterman and Robert Falcone
September 22, 2023 at 6:00 AM

6 min. read

A pictorial representation of an APT such as Turla or Pensive Ursa.

5,220

people reacted

Threat Group Assessment: Turla (aka Pensive Ursa)

By Unit 42
September 15, 2023 at 6:00 AM

14 min. read

Pictorial representation of a threat actor like Muddled Libra

30,281

people reacted

Threat Group Assessment: Muddled Libra (Updated)

By Kristopher Russo, Austin Dever and Amer Elsad
September 15, 2023 at 6:00 AM

11 min. read

A pictorial representation of an infostealer like NodeStealer. An open laptop against an orange background is flanked by exclamation points. On the laptop screen are overlapping windows with a bug icon representing the malware.

6,782

people reacted

NodeStealer 2.0 – The Python Version: Stealing Facebook Business Accounts

By Lior Rochberger
August 1, 2023 at 6:00 AM

14 min. read

A pictorial representation of ransomware, including ransomware delivered by URLs. The Palo Alto Networks and Unit 42 logos.

6,130

people reacted

Ransomware Delivery URLs: Top Campaigns and Trends

By Nabeel Mohamed, Fang Liu, Sophia Yao, Lee Wei Yeong, Song Yang and Shan Huang
July 28, 2023 at 6:00 AM

8 min. read

A pictorial representation of the Mallox ransomware gang. A hand offers money to another hand holding keys. In the background is a computer screen with the biohazard symbol on it.

10,237

people reacted

Threat Group Assessment: Mallox Ransomware

By Lior Rochberger and Shimi Cohen
July 20, 2023 at 10:15 AM

10 min. read

A pictorial representation of threat group Cloaked Ursa as a bear head within a circle, overlaid by the Ursa constellation

12,063

people reacted

Diplomats Beware: Cloaked Ursa Phishing With a Twist

By Unit 42
July 12, 2023 at 3:00 AM

15 min. read

Posts tagged with: DNS security

Fighting Ursa Aka APT28: Illuminating a Covert Campaign

New Tool Set Found Used Against Organizations in the Middle East, Africa and the US

Stately Taurus Targets the Philippines As Tensions Flare in the South Pacific

Chinese APT Targeting Cambodian Government

Blocking Dedicated Attacking Hosts Is Not Enough: In-Depth Analysis of a Worldwide Linux XorDDoS Campaign

Understanding DNS Tunneling Traffic in the Wild

Rare Backdoors Suspected to be Tied to Gelsemium APT Found in Targeted Attack in Southeast Asian Government

Persistent Attempts at Cyberespionage Against Southeast Asian Government Target Have Links to Alloy Taurus

Unit 42 Researchers Discover Multiple Espionage Operations Targeting Southeast Asian Government

Threat Group Assessment: Turla (aka Pensive Ursa)

Threat Group Assessment: Muddled Libra (Updated)

NodeStealer 2.0 – The Python Version: Stealing Facebook Business Accounts

Ransomware Delivery URLs: Top Campaigns and Trends

Threat Group Assessment: Mallox Ransomware

Diplomats Beware: Cloaked Ursa Phishing With a Twist

Popular Resources

Legal Notices

Account

Trending

Popular Resources

Legal Notices

Account