Unit 42 Vulnerability Research Team Discovers 23 New Vulnerabilities February 2019 Disclosures – Adobe and Microsoft

As part of Unit 42’s ongoing threat research, we can now disclose that Palo Alto Networks Unit 42 threat researchers have discovered 23 new vulnerabilities addressed by the Adobe Product Security Incident Response Team (PSIRT) as part of their February 2019 APSB19-07 security update release and 2 vulnerabilities addressed by the Microsoft Security Response Center (MSRC) as part of their February 2019 security update release. Severity ratings ranged from Important to Critical for each of these vulnerabilities.

Pulling Back the Curtains on EncodedCommand PowerShell Attacks

A note to readers: The code samples included within this blog post may trigger alerts from your security software. Please note that this does not indicate an infection or an attack; rather, it is a notification that the code could be malicious if it were live. PowerShell has continued to gain in popularity over the

Aveo Malware Family Targets Japanese Speaking Users

(This blog post is also available in Japanese.) Palo Alto Networks has identified a malware family known as ‘Aveo’ that is being used to target Japanese speaking users. The ‘Aveo’ malware name comes from an embedded debug string within the binary file. The Aveo malware family has close ties to the previously discussed FormerFirstRAT malware

Unit 42 Researchers Recognized in MSRC Top 100 List

Four Palo Alto Networks threat intelligence researchers were recently recognized in the Microsoft Security Response Center (MSRC) Bounty Program Top 100 list announced at Black Hat USA 2016. Congratulations to Bo Qu, Tao Yan, Hui Gao, and Tongbo Luo!

Fresh Baked HOMEKit-made Cookles – With a DarkHotel Overlap

Threat actors tend to reuse certain tools, a trend we observed during recent Unit 42 research published on MNKit. In this post, we will discuss a fresh toolkit, which on the surface, appeared similar to MNKit, but functionally was found to be quite different. This toolkit, which we named “HOMEKit”, is similar to MNKit in
