High Traffic + High Vulnerability = an Attractive Target for Criminals: The Dangers of Viewing Clickbait Sites 4,682 people reacted High Traffic + High Vulnerability = an Attractive Target for Criminals: The Dangers of Viewing Clickbait Sites By Shresta Bellary Seetharam, Tao Yan, Nabeel Mohamed, Tim Hofmockel, Alex Starov and Brad Duncan November 9, 2023 at 12:00 PM 52 8 min. read
Chinese APT Targeting Cambodian Government 12,102 people reacted Chinese APT Targeting Cambodian Government By Unit 42 November 7, 2023 at 9:01 PM 49 5 min. read
Threat Brief: Citrix Bleed CVE-2023-4966 9,663 people reacted Threat Brief: Citrix Bleed CVE-2023-4966 By Unit 42 November 1, 2023 at 3:00 PM 18 5 min. read
Conducting Robust Learning for Empire Command and Control Detection 3,463 people reacted Conducting Robust Learning for Empire Command and Control Detection By Qian Feng, Chris Navarrete, Yanhui Jia, Yu Fu, Iris Dai, Nina Smith and Brad Duncan November 1, 2023 at 3:00 AM 16 10 min. read
Over the Kazuar’s Nest: Cracking Down on a Freshly Hatched Backdoor Used by Pensive Ursa (Aka Turla) 8,327 people reacted Over the Kazuar’s Nest: Cracking Down on a Freshly Hatched Backdoor Used by Pensive Ursa (Aka Turla) By Daniel Frank and Tom Fakterman October 31, 2023 at 6:00 AM 14 20 min. read
Threat Brief: Cisco IOS XE Web UI Privilege Escalation Vulnerability (Updated) 8,315 people reacted Threat Brief: Cisco IOS XE Web UI Privilege Escalation Vulnerability (Updated) By Unit 42 October 18, 2023 at 5:30 PM 77 4 min. read
BlackCat Climbs the Summit With a New Tactic 12,997 people reacted BlackCat Climbs the Summit With a New Tactic By Unit 42 October 18, 2023 at 6:00 AM 123 9 min. read
Blocking Dedicated Attacking Hosts Is Not Enough: In-Depth Analysis of a Worldwide Linux XorDDoS Campaign 6,496 people reacted Blocking Dedicated Attacking Hosts Is Not Enough: In-Depth Analysis of a Worldwide Linux XorDDoS Campaign By Zhanhao Chen, Chao Lei, Fang Liu, Yang Ji, Qi Deng, Royce Lu and Daiping Liu October 16, 2023 at 6:00 AM 41 10 min. read
Understanding DNS Tunneling Traffic in the Wild 12,930 people reacted Understanding DNS Tunneling Traffic in the Wild By Ruian Duan and Daiping Liu October 13, 2023 at 4:00 PM 27 11 min. read
Threat Brief - MOVEit Transfer SQL Injection Vulnerabilities: CVE-2023-34362, CVE-2023-35036 and CVE-2023-35708 (Updated Oct 4) 51,487 people reacted Threat Brief - MOVEit Transfer SQL Injection Vulnerabilities: CVE-2023-34362, CVE-2023-35036 and CVE-2023-35708 (Updated Oct 4) By Unit 42 October 4, 2023 at 6:00 AM 69 10 min. read
Wireshark Tutorial: Display Filter Expressions 268,973 people reacted Wireshark Tutorial: Display Filter Expressions By Brad Duncan September 8, 2023 at 6:00 AM 124 12 min. read
RedLine Stealer: Answers to Unit 42 Wireshark Quiz 7,907 people reacted RedLine Stealer: Answers to Unit 42 Wireshark Quiz By Brad Duncan September 1, 2023 at 6:00 AM 16 11 min. read
Crossing the Line: Unit 42 Wireshark Quiz for RedLine Stealer 14,401 people reacted Crossing the Line: Unit 42 Wireshark Quiz for RedLine Stealer By Brad Duncan August 18, 2023 at 6:00 AM 20 4 min. read
When a Zero Day and Access Keys Collide in the Cloud: Responding to the SugarCRM Zero-Day Vulnerability 6,986 people reacted When a Zero Day and Access Keys Collide in the Cloud: Responding to the SugarCRM Zero-Day Vulnerability By Margaret Zimmermann August 10, 2023 at 3:15 PM 18 13 min. read
NodeStealer 2.0 – The Python Version: Stealing Facebook Business Accounts 7,777 people reacted NodeStealer 2.0 – The Python Version: Stealing Facebook Business Accounts By Lior Rochberger August 1, 2023 at 6:00 AM 13 14 min. read