Hacking Employers and Seeking Employment: Two Job-Related Campaigns Bear Hallmarks of North Korean Threat Actors 11,661 people reacted Hacking Employers and Seeking Employment: Two Job-Related Campaigns Bear Hallmarks of North Korean Threat Actors By Unit 42 November 21, 2023 at 6:00 AM 110 17 min. read
Stately Taurus Targets the Philippines As Tensions Flare in the South Pacific 6,593 people reacted Stately Taurus Targets the Philippines As Tensions Flare in the South Pacific By Unit 42 November 17, 2023 at 3:00 AM 85 6 min. read
High Traffic + High Vulnerability = an Attractive Target for Criminals: The Dangers of Viewing Clickbait Sites 3,017 people reacted High Traffic + High Vulnerability = an Attractive Target for Criminals: The Dangers of Viewing Clickbait Sites By Shresta Bellary Seetharam, Tao Yan, Nabeel Mohamed, Tim Hofmockel, Alex Starov and Brad Duncan November 9, 2023 at 12:00 PM 47 7 min. read
Chinese APT Targeting Cambodian Government 8,867 people reacted Chinese APT Targeting Cambodian Government By Unit 42 November 7, 2023 at 9:01 PM 45 5 min. read
Threat Brief: Citrix Bleed CVE-2023-4966 6,446 people reacted Threat Brief: Citrix Bleed CVE-2023-4966 By Unit 42 November 1, 2023 at 3:00 PM 16 5 min. read
Conducting Robust Learning for Empire Command and Control Detection 1,979 people reacted Conducting Robust Learning for Empire Command and Control Detection By Qian Feng, Chris Navarrete, Yanhui Jia, Yu Fu, Iris Dai, Nina Smith and Brad Duncan November 1, 2023 at 3:00 AM 14 10 min. read
Over the Kazuar’s Nest: Cracking Down on a Freshly Hatched Backdoor Used by Pensive Ursa (Aka Turla) 5,866 people reacted Over the Kazuar’s Nest: Cracking Down on a Freshly Hatched Backdoor Used by Pensive Ursa (Aka Turla) By Daniel Frank and Tom Fakterman October 31, 2023 at 6:00 AM 14 20 min. read
Threat Brief: Cisco IOS XE Web UI Privilege Escalation Vulnerability (Updated) 6,952 people reacted Threat Brief: Cisco IOS XE Web UI Privilege Escalation Vulnerability (Updated) By Unit 42 October 18, 2023 at 5:30 PM 72 4 min. read
BlackCat Climbs the Summit With a New Tactic 10,974 people reacted BlackCat Climbs the Summit With a New Tactic By Unit 42 October 18, 2023 at 6:00 AM 122 9 min. read
Blocking Dedicated Attacking Hosts Is Not Enough: In-Depth Analysis of a Worldwide Linux XorDDoS Campaign 4,731 people reacted Blocking Dedicated Attacking Hosts Is Not Enough: In-Depth Analysis of a Worldwide Linux XorDDoS Campaign By Zhanhao Chen, Chao Lei, Fang Liu, Yang Ji, Qi Deng, Royce Lu and Daiping Liu October 16, 2023 at 6:00 AM 38 10 min. read
Understanding DNS Tunneling Traffic in the Wild 9,856 people reacted Understanding DNS Tunneling Traffic in the Wild By Ruian Duan and Daiping Liu October 13, 2023 at 4:00 PM 25 11 min. read
Threat Brief - MOVEit Transfer SQL Injection Vulnerabilities: CVE-2023-34362, CVE-2023-35036 and CVE-2023-35708 (Updated Oct 4) 49,574 people reacted Threat Brief - MOVEit Transfer SQL Injection Vulnerabilities: CVE-2023-34362, CVE-2023-35036 and CVE-2023-35708 (Updated Oct 4) By Unit 42 October 4, 2023 at 6:00 AM 66 10 min. read
Threat Group Assessment: Muddled Libra (Updated) 30,117 people reacted Threat Group Assessment: Muddled Libra (Updated) By Kristopher Russo, Austin Dever and Amer Elsad September 15, 2023 at 6:00 AM 20 11 min. read
Wireshark Tutorial: Display Filter Expressions 255,360 people reacted Wireshark Tutorial: Display Filter Expressions By Brad Duncan September 8, 2023 at 6:00 AM 117 12 min. read
RedLine Stealer: Answers to Unit 42 Wireshark Quiz 4,236 people reacted RedLine Stealer: Answers to Unit 42 Wireshark Quiz By Brad Duncan September 1, 2023 at 6:00 AM 12 11 min. read