threat intelligence Archives

A pictorial representation of threat actor tracking showing a blackboard and books.

58,706

people reacted

It’s All in the Name: How Unit 42 Defines and Tracks Threat Adversaries

By Unit 42
May 15, 2023 at 6:00 AM

4 min. read

Cybercrime conceptual image, covering activity such as the Luna Moth callback phishing campaign

73,087

people reacted

Threat Assessment: Luna Moth Callback Phishing Campaign

By Kristopher Russo
November 21, 2022 at 3:00 AM

8 min. read

DNS security conceptual image, covering topics including malicious newly observed domains

52,617

people reacted

Detecting Emerging Network Threats From Newly Observed Domains

By Zhanhao Chen, Daiping Liu, Wanjin Li and Fan Fei
October 17, 2022 at 6:00 AM

8 min. read

Ransomware conceptual image, covering threat actors such as Ransom Cartel

72,447

people reacted

Ransom Cartel Ransomware: A Possible Connection With REvil

By Amer Elsad and Daniel Bunce
October 14, 2022 at 6:00 AM

17 min. read

Threat Brief Image for CVE-2022-41040, CVE-2022-41082, ProxyNotShell

79,452

people reacted

Threat Brief: CVE-2022-41040 and CVE-2022-41082: Microsoft Exchange Server (ProxyNotShell)

By Shawn Westfall
October 4, 2022 at 4:30 PM

110

8 min. read

Conceptual image representing adversaries and advanced persistent threats. Here, we discuss a method for finding these groups by hunting for unsigned DLLs.

75,918

people reacted

Hunting for Unsigned DLLs to Find APTs

By Daniela Shalev and Itay Gamliel
September 26, 2022 at 6:00 AM

137

7 min. read

DNS security and issues such as domain shadowing are represented by the caution sign within a folder structure. Image includes Palo Alto Networks and Unit 42 logos.

68,244

people reacted

Domain Shadowing: A Stealthy Use of DNS Compromise for Cybercrime

By Janos Szurdi, Rebekah Houser and Daiping Liu
September 21, 2022 at 6:00 AM

7 min. read

A conceptual image representing malware such as OriginLogger

71,193

people reacted

OriginLogger: A Look at Agent Tesla’s Successor

By Jeff White
September 13, 2022 at 6:00 AM

14 min. read

Credential gathering techniques discussed here can open the door to cybercriminals as depicted in this conceptual image.

57,877

people reacted

Credential Gathering From Third-Party Software

By Dor Attar
September 8, 2022 at 12:00 PM

14 min. read

Ransomware conceptual image, covering groups including BlueSky Ransomware

85,506

people reacted

BlueSky Ransomware: Fast Encryption via Multithreading

By Muhammad Umer Khan, Lee Wei, Yang Ji and Wenjun Hu
August 10, 2022 at 12:00 PM

1142

7 min. read

Ransomware conceptual image, covering groups such as Cuba Ransomware aka Tropical Scorpius

91,298

people reacted

Novel News on Cuba Ransomware: Greetings From Tropical Scorpius

By Anthony Galiette, Daniel Bunce, Doel Santos and Shawn Westfall
August 9, 2022 at 9:00 AM

20 min. read

A conceptual image representing threat groups, used to represent a discussion of threat group naming systems.

57,798

people reacted

Unit 42 Threat Group Naming Update

By Ryan Olson
July 18, 2022 at 2:00 PM

4 min. read

A boxing glove and hand raised to stop it illustrate the concept of cybersecurity adversaries.

33,120

people reacted

Introducing Actionable Threat Objects and Mitigations (ATOMs)

By Joseph Opacki
September 18, 2020 at 6:30 AM

5 min. read

Threat Intelligence Has Never Looked Better – Announcing the Unit 42 Research Portal

By Ryan Olson
December 18, 2018 at 3:17 PM

2 min. read

60,466

people reacted

Paranoid PlugX

By Tom Lancaster and Esmid Idrizovic
June 27, 2017 at 5:00 AM

11 min. read

Posts tagged with: threat intelligence

It’s All in the Name: How Unit 42 Defines and Tracks Threat Adversaries

Threat Assessment: Luna Moth Callback Phishing Campaign

Detecting Emerging Network Threats From Newly Observed Domains

Ransom Cartel Ransomware: A Possible Connection With REvil

Threat Brief: CVE-2022-41040 and CVE-2022-41082: Microsoft Exchange Server (ProxyNotShell)

Hunting for Unsigned DLLs to Find APTs

Domain Shadowing: A Stealthy Use of DNS Compromise for Cybercrime

OriginLogger: A Look at Agent Tesla’s Successor

Credential Gathering From Third-Party Software

BlueSky Ransomware: Fast Encryption via Multithreading

Novel News on Cuba Ransomware: Greetings From Tropical Scorpius

Unit 42 Threat Group Naming Update

Introducing Actionable Threat Objects and Mitigations (ATOMs)

Threat Intelligence Has Never Looked Better – Announcing the Unit 42 Research Portal

Paranoid PlugX

Popular Resources

Legal Notices

Account

Trending

Popular Resources

Legal Notices

Account