Muddled Libra’s Evolution to the Cloud 4,834 people reacted Muddled Libra’s Evolution to the Cloud By Margaret Zimmermann April 9, 2024 at 11:00 AM 16 10 min. read
Threat Brief: Vulnerability in XZ Utils Data Compression Library Impacting Multiple Linux Distributions (CVE-2024-3094) 37,487 people reacted Threat Brief: Vulnerability in XZ Utils Data Compression Library Impacting Multiple Linux Distributions (CVE-2024-3094) By Unit 42 March 30, 2024 at 7:15 PM 48 6 min. read
Threat Group Assessment: Muddled Libra (Updated) 36,682 people reacted Threat Group Assessment: Muddled Libra (Updated) By Kristopher Russo, Austin Dever and Amer Elsad March 8, 2024 at 2:58 PM 40 13 min. read
2024 Unit 42 Incident Response Report: Navigating the Shift in Cybersecurity Threat Tactics 6,673 people reacted 2024 Unit 42 Incident Response Report: Navigating the Shift in Cybersecurity Threat Tactics By Unit 42 February 20, 2024 at 6:12 AM 17 5 min. read
Dual Privilege Escalation Chain: Exploiting Monitoring and Service Mesh Configurations and Privileges in GKE to Gain Unauthorized Access in Kubernetes 6,972 people reacted Dual Privilege Escalation Chain: Exploiting Monitoring and Service Mesh Configurations and Privileges in GKE to Gain Unauthorized Access in Kubernetes By Shaul Ben Hai December 27, 2023 at 6:00 AM 33 11 min. read
Threat Brief: Citrix Bleed CVE-2023-4966 9,420 people reacted Threat Brief: Citrix Bleed CVE-2023-4966 By Unit 42 November 1, 2023 at 3:00 PM 18 5 min. read
Over the Kazuar’s Nest: Cracking Down on a Freshly Hatched Backdoor Used by Pensive Ursa (Aka Turla) 8,078 people reacted Over the Kazuar’s Nest: Cracking Down on a Freshly Hatched Backdoor Used by Pensive Ursa (Aka Turla) By Daniel Frank and Tom Fakterman October 31, 2023 at 6:00 AM 14 20 min. read
Threat Brief - MOVEit Transfer SQL Injection Vulnerabilities: CVE-2023-34362, CVE-2023-35036 and CVE-2023-35708 (Updated Oct 4) 51,242 people reacted Threat Brief - MOVEit Transfer SQL Injection Vulnerabilities: CVE-2023-34362, CVE-2023-35036 and CVE-2023-35708 (Updated Oct 4) By Unit 42 October 4, 2023 at 6:00 AM 69 10 min. read
When a Zero Day and Access Keys Collide in the Cloud: Responding to the SugarCRM Zero-Day Vulnerability 6,816 people reacted When a Zero Day and Access Keys Collide in the Cloud: Responding to the SugarCRM Zero-Day Vulnerability By Margaret Zimmermann August 10, 2023 at 3:15 PM 18 13 min. read
NodeStealer 2.0 – The Python Version: Stealing Facebook Business Accounts 7,640 people reacted NodeStealer 2.0 – The Python Version: Stealing Facebook Business Accounts By Lior Rochberger August 1, 2023 at 6:00 AM 13 14 min. read
CVE-2023-36884 - Microsoft Office and Windows HTML Remote Code Execution: Threat Brief (Updated) 24,080 people reacted CVE-2023-36884 - Microsoft Office and Windows HTML Remote Code Execution: Threat Brief (Updated) By Unit 42 July 12, 2023 at 11:45 AM 30 4 min. read
Diplomats Beware: Cloaked Ursa Phishing With a Twist 13,621 people reacted Diplomats Beware: Cloaked Ursa Phishing With a Twist By Unit 42 July 12, 2023 at 3:00 AM 19 15 min. read
Chinese PlugX Malware Hidden in Your USB Devices? 82,323 people reacted Chinese PlugX Malware Hidden in Your USB Devices? By Mike Harbison and Jen Miller-Osborn January 26, 2023 at 6:00 AM 20 12 min. read
Threat Brief: OWASSRF Vulnerability Exploitation 65,605 people reacted Threat Brief: OWASSRF Vulnerability Exploitation By Robert Falcone and Lior Rochberger December 22, 2022 at 5:30 PM 15 9 min. read
Compromised Cloud Compute Credentials: Case Studies From the Wild 55,676 people reacted Compromised Cloud Compute Credentials: Case Studies From the Wild By Dror Alon December 8, 2022 at 3:00 PM 48 9 min. read