Emissary Panda Attacks Middle East Government Sharepoint Servers

Our latest research shows attacks against Middle East government Sharepoint servers using a newly patched vulnerability. In our blog, we provide details of the tools and tactics, explain how we believe these connect to the Emissary Panda threat group, correlate our findings with those of the Saudi Arabian National Cyber Security Center and the Canadian Center for Cyber Security, and provide indicators of compromise (IoCs) from our research.

Threat Brief: WanaCrypt0r– What We Know

This Unit 42 blog provides an update on the threat situation surrounding the WanaCrypt0r ransomware attacks. It also well as information on the adversary playbook this attack uses.