WildFire Archives

2,093

people reacted

There Is More Than One Way to Sleep: Dive Deep Into the Implementations of API Hammering by Various Malware Families

By Mark Lim and Riley Porter
June 24, 2022 at 6:00 AM

5 min. read

A conceptual image representing targeted attacks, including the XLL Files and Dridex infection chain discussed here.

29,740

people reacted

Weaponization of Excel Add-Ins Part 2: Dridex Infection Chain Case Studies

By Saqib Khanzada
May 19, 2022 at 12:00 PM

8 min. read

A conceptual image representing malware, such as the SolarMarker campaign discussed here.

34,957

people reacted

New SolarMarker (Jupyter) Campaign Demonstrates the Malware’s Changing Attack Patterns

By Shimi Cohen, Inbal Shalev and Irena Damsky
April 8, 2022 at 6:00 PM

263

8 min. read

A conceptual image representing malware, such as the OutSteel and SaintBot payloads that were observed as part of an attack targeting Ukrainian organizations.

35,179

people reacted

Spear Phishing Attacks Target Organizations in Ukraine, Payloads Include the Document Stealer OutSteel and the Downloader SaintBot

By Unit 42
February 25, 2022 at 5:30 PM

21 min. read

A conceptual image representing geopolitical cyber activity, such as what has been associated with Russia-Ukraine

88,890

people reacted

Russia-Ukraine Cyberattacks (Updated): How to Protect Against Related Cyberthreats Including DDoS, HermeticWiper, Gamaredon, Website Defacement, Phishing and Scams

By Unit 42
February 22, 2022 at 3:00 PM

286

13 min. read

A bear trap accompanied by symbols associated with Russia and Ukraine come together to form a conceptual image for Russia's Gamaredon, aka Primitive Bear, an APT targeting Ukraine.

79,207

people reacted

Russia’s Gamaredon aka Primitive Bear APT Group Actively Targeting Ukraine (Updated June 22)

By Unit 42
February 3, 2022 at 1:00 PM

19 min. read

A conceptual image representing targeted attacks, including the type of malware discussed here, dropped by Excel add-ins and Office 4.0 macros.

39,357

people reacted

Weaponization of Excel Add-Ins Part 1: Malicious XLL Files and Agent Tesla Case Studies

By Yaron Samuel
January 25, 2022 at 6:00 AM

8 min. read

54,742

people reacted

Threat Brief: Ongoing Russia and Ukraine Cyber Conflict

By Robert Falcone, Mike Harbison and Josh Grunzweig
January 20, 2022 at 12:30 PM

8 min. read

A conceptual image representing issues with DNS, such as the DNS rebinding discussed here.

45,224

people reacted

DNS Rebinding Attack: How Malicious Websites Exploit Private Networks

By Zhanhao Chen
August 31, 2021 at 6:00 AM

13 min. read

A conceptual image representing ransomware, such as the ransomware families discussed in this post.

35,434

people reacted

Ransomware Families: 2021 Data to Supplement the Unit 42 Ransomware Threat Report

By Guang Qing He, Cecil Liu, Aiden Huang and Royce Lu
July 28, 2021 at 6:00 AM

7 min. read

A conceptual image representing THOR, a previously unseen PlugX variant deployed by the PKPLUG Group. The image features a Panda because PKPLUG is also known as Mustang Panda. It also features the logos of Palo Alto Networks and Unit 42.

54,067

people reacted

THOR: Previously Unseen PlugX Variant Deployed During Microsoft Exchange Server Attacks by PKPLUG Group

By Mike Harbison and Alex Hinchliffe
July 27, 2021 at 12:00 PM

13 min. read

30,201

people reacted

Evade Sandboxes With a Single Bit – the Trap Flag

By Mark Lim
July 19, 2021 at 3:30 PM

5 min. read

Machine Learning Command and Control project detects C2 traffic types.

34,680

people reacted

Using AI to Detect Malicious C2 Traffic

By Ajaya Neupane and Stefan Achleitner
May 24, 2021 at 6:00 AM

8 min. read

This image illustrates the concept of cybersquatting, a practice used by cybercriminals to take advantage of well-known domain names and brands.

44,815

people reacted

Cybersquatting: Attackers Mimicking Domains of Major Brands Including Facebook, Apple, Amazon and Netflix to Scam Consumers

By Zhanhao Chen and Janos Szurdi
September 1, 2020 at 3:00 AM

17 min. read

Conceptual image illustrating WastedLocker ransomware

38,685

people reacted

Threat Assessment: WastedLocker Ransomware

By Alex Hinchliffe, Doel Santos, Adrian McCabe and Robert Falcone
July 30, 2020 at 6:00 AM

4 min. read

Posts tagged with: WildFire

There Is More Than One Way to Sleep: Dive Deep Into the Implementations of API Hammering by Various Malware Families

Weaponization of Excel Add-Ins Part 2: Dridex Infection Chain Case Studies

New SolarMarker (Jupyter) Campaign Demonstrates the Malware’s Changing Attack Patterns

Spear Phishing Attacks Target Organizations in Ukraine, Payloads Include the Document Stealer OutSteel and the Downloader SaintBot

Russia-Ukraine Cyberattacks (Updated): How to Protect Against Related Cyberthreats Including DDoS, HermeticWiper, Gamaredon, Website Defacement, Phishing and Scams

Russia’s Gamaredon aka Primitive Bear APT Group Actively Targeting Ukraine (Updated June 22)

Weaponization of Excel Add-Ins Part 1: Malicious XLL Files and Agent Tesla Case Studies

Threat Brief: Ongoing Russia and Ukraine Cyber Conflict

DNS Rebinding Attack: How Malicious Websites Exploit Private Networks

Ransomware Families: 2021 Data to Supplement the Unit 42 Ransomware Threat Report

THOR: Previously Unseen PlugX Variant Deployed During Microsoft Exchange Server Attacks by PKPLUG Group

Evade Sandboxes With a Single Bit – the Trap Flag

Using AI to Detect Malicious C2 Traffic

Cybersquatting: Attackers Mimicking Domains of Major Brands Including Facebook, Apple, Amazon and Netflix to Scam Consumers

Threat Assessment: WastedLocker Ransomware

Popular Resources

Legal Notices

Account

Trending

Popular Resources

Legal Notices

Account