Click here to download all references as Bib-File.•
2022-02-25
⋅
paloalto Networks Unit 42
⋅
Spear Phishing Attacks Target Organizations in Ukraine, Payloads Include the Document Stealer OutSteel and the Downloader SaintBot Saint Bot |
2022-02-24
⋅
paloalto Networks Unit 42
⋅
SockDetour – a Silent, Fileless, Socketless Backdoor – Targets U.S. Defense Contractors TiltedTemple |
2022-02-22
⋅
Palo Alto Networks Unit 42
⋅
Russia-Ukraine Crisis: How to Protect Against the Cyber Impact HermeticWiper |
2022-02-15
⋅
Palo Alto Networks Unit 42
⋅
New Emotet Infection Method Emotet |
2022-02-03
⋅
Palo Alto Networks Unit 42
⋅
Russia’s Gamaredon aka Primitive Bear APT Group Actively Targeting Ukraine (Updated June 22) Pteranodon Gamaredon Group |
2022-02-03
⋅
Palo Alto Networks Unit 42
⋅
Russia’s Gamaredon aka Primitive Bear APT Group Actively Targeting Ukraine Pteranodon Gamaredon Group |
2022-01-27
⋅
Palo Alto Networks Unit 42
⋅
Threat Assessment: BlackCat Ransomware BlackCat |
2022-01-25
⋅
Palo Alto Networks Unit 42
⋅
Weaponization of Excel Add-Ins Part 1: Malicious XLL Files and Agent Tesla Case Studies Agent Tesla |
2022-01-20
⋅
Palo Alto Networks Unit 42
⋅
Threat Brief: Ongoing Russia and Ukraine Cyber Conflict WhisperGate |
2021-12-29
⋅
Palo Alto Networks Unit 42
⋅
Strategically Aged Domain Detection: Capture APT Attacks With DNS Traffic Trends Chrysaor SUNBURST |
2021-12-02
⋅
Palo Alto Networks Unit 42
⋅
APT Expands Attack on ManageEngine With Active Campaign Against ServiceDesk Plus Godzilla Webshell |
2021-11-17
⋅
Twitter (@Unit42_Intel)
⋅
Tweet on Matanbuchus Loader used to deliver Qakbot (tag obama128b) and follow-up CobaltStrike Cobalt Strike QakBot |
2021-11-07
⋅
Palo Alto Networks Unit 42
⋅
Targeted Attack Campaign Against ManageEngine ADSelfService Plus Delivers Godzilla Webshells, NGLite Trojan and KdcSponge Stealer Godzilla Webshell NGLite |
2021-11-05
⋅
Twitter (@Unit42_Intel)
⋅
Tweet on TA551 (Shathak) BazarLoader infection with CobaltStrike and DarkVNC drops BazarBackdoor Cobalt Strike |
2021-10-14
⋅
Palo Alto Networks Unit 42
⋅
Attackers Are Taking Advantage of the Open-Source Service Interactsh for Malicious Purposes |
2021-10-07
⋅
Palo Alto Networks Unit 42
⋅
SilverTerrier – Nigerian Business Email Compromise |
2021-09-30
⋅
Palo Alto Networks Unit 42
⋅
Credential Harvesting at Scale Without Malware |
2021-09-15
⋅
Palo Alto Networks Unit 42
⋅
Phishing Eager Travelers Dridex |
2021-09-10
⋅
Palo Alto Networks Unit 42
⋅
PhishingJS: A Deep Learning Model for JavaScript-Based Phishing Detection |
2021-08-30
⋅
Palo Alto Networks Unit 42
⋅
New Mirai Variant Targets WebSVN Command Injection Vulnerability (CVE-2021-32305) Mirai |