2019-05-28 ⋅ Palo Alto Networks Unit 42 ⋅ Emissary Panda Attacks Middle East Government Sharepoint Servers CHINACHOPPER HyperSSL
2019-04-30 ⋅ Palo Alto Networks Unit 42 ⋅ Behind the Scenes with OilRig BONDUPDATER
2019-04-17 ⋅ Palo Alto Networks Unit 42 ⋅ Aggah Campaign: Bit.ly, BlogSpot, and Pastebin Used for C2 in Large Scale Campaign The Gorgon Group
2019-04-16 ⋅ DNS Tunneling in the Wild: Overview of OilRig’s DNS Tunneling BONDUPDATER QUADAGENT Alma Communicator Helminth ISMAgent
2019-03-04 ⋅ Palo Alto Networks Unit 42 ⋅ New Python-Based Payload MechaFlounder Used by Chafer APT39
2019-02-13 ⋅ Youtube (SANS Digital Forensics & Incident Response) ⋅ Hunting Webshells: Tracking TwoFace - SANS Threat Hunting Summit 2018 TwoFace
2019-01-08 ⋅ Palo Alto Networks Unit 42 ⋅ DarkHydrus delivers new Trojan that can use Google Drive for C2 communications RogueRobinNET DarkHydrus
2018-12-18 ⋅ Palo Alto Networks Unit 42 ⋅ Sofacy Creates New ‘Go’ Variant of Zebrocy Tool Zebrocy
2018-12-13 ⋅ Palo Alto Networks Unit 42 ⋅ Shamoon 3 Targets Oil and Gas Organization DistTrack
2018-12-12 ⋅ Palo Alto Networks Unit 42 ⋅ Dear Joohn: The Sofacy Group’s Global Campaign APT28
2018-11-20 ⋅ Palo Alto Networks Unit 42 ⋅ Sofacy Continues Global Attacks and Wheels Out New ‘Cannon’ Trojan APT28
2018-11-20 ⋅ Palo Alto Networks Unit 42 ⋅ Sofacy Continues Global Attacks and Wheels Out New ‘Cannon’ Trojan Cannon
2018-11-16 ⋅ Palo Alto Networks Unit 42 ⋅ Analyzing OilRig’s Ops Tempo from Testing to Weaponization to Delivery OilRig
2018-09-12 ⋅ Palo Alto Networks Unit 42 ⋅ OilRig Uses Updated BONDUPDATER to Target Middle Eastern Government BONDUPDATER
2018-09-12 ⋅ Palo Alto Networks Unit 42 ⋅ OilRig Uses Updated BONDUPDATER to Target Middle Eastern Government OilRig
2018-08-07 ⋅ Palo Alto Networks Unit 42 ⋅ DarkHydrus Uses Phishery to Harvest Credentials in the Middle East DarkHydrus
2018-08-02 ⋅ Palo Alto Networks Unit 42 ⋅ The Gorgon Group: Slithering Between Nation State and Cybercrime Loki Password Stealer (PWS) Nanocore RAT NjRAT Quasar RAT Remcos Revenge RAT
2018-08-02 ⋅ The Gorgon Group: Slithering Between Nation State and Cybercrime The Gorgon Group
2018-07-27 ⋅ Palo Alto Networks Unit 42 ⋅ New Threat Actor Group DarkHydrus Targets Middle East Government RogueRobin DarkHydrus
2018-07-25 ⋅ Palo Alto Networks Unit 42 ⋅ OilRig Targets Technology Service Provider and Government Agency with QUADAGENT OilRig