Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-02-25paloalto Networks Unit 42Unit 42
Spear Phishing Attacks Target Organizations in Ukraine, Payloads Include the Document Stealer OutSteel and the Downloader SaintBot
Saint Bot
2022-02-24paloalto Networks Unit 42Unit 42
SockDetour – a Silent, Fileless, Socketless Backdoor – Targets U.S. Defense Contractors
TiltedTemple
2022-02-22Palo Alto Networks Unit 42Unit 42
Russia-Ukraine Crisis: How to Protect Against the Cyber Impact
HermeticWiper
2022-02-15Palo Alto Networks Unit 42Brad Duncan, Micah Yates, Saqib Khanzada, Tyler Halfpop
New Emotet Infection Method
Emotet
2022-02-03Palo Alto Networks Unit 42Unit 42
Russia’s Gamaredon aka Primitive Bear APT Group Actively Targeting Ukraine (Updated June 22)
Pteranodon Gamaredon Group
2022-02-03Palo Alto Networks Unit 42Unit 42
Russia’s Gamaredon aka Primitive Bear APT Group Actively Targeting Ukraine
Pteranodon Gamaredon Group
2022-01-27Palo Alto Networks Unit 42Alex Hinchliffe, Amanda Tanner, Doel Santos
Threat Assessment: BlackCat Ransomware
BlackCat
2022-01-25Palo Alto Networks Unit 42Yaron Samuel
Weaponization of Excel Add-Ins Part 1: Malicious XLL Files and Agent Tesla Case Studies
Agent Tesla
2022-01-20Palo Alto Networks Unit 42Josh Grunzweig, Mike Harbison, Robert Falcone
Threat Brief: Ongoing Russia and Ukraine Cyber Conflict
WhisperGate
2021-12-29Palo Alto Networks Unit 42Daiping Liu, Jielong Xu, Wanjin Li, Zhanhao Chen
Strategically Aged Domain Detection: Capture APT Attacks With DNS Traffic Trends
Chrysaor SUNBURST
2021-12-02Palo Alto Networks Unit 42Peter Renals, Robert Falcone
APT Expands Attack on ManageEngine With Active Campaign Against ServiceDesk Plus
Godzilla Webshell
2021-11-17Twitter (@Unit42_Intel)Unit 42
Tweet on Matanbuchus Loader used to deliver Qakbot (tag obama128b) and follow-up CobaltStrike
Cobalt Strike QakBot
2021-11-07Palo Alto Networks Unit 42Jeff White, Peter Renals, Robert Falcone
Targeted Attack Campaign Against ManageEngine ADSelfService Plus Delivers Godzilla Webshells, NGLite Trojan and KdcSponge Stealer
Godzilla Webshell NGLite
2021-11-05Twitter (@Unit42_Intel)Unit 42
Tweet on TA551 (Shathak) BazarLoader infection with CobaltStrike and DarkVNC drops
BazarBackdoor Cobalt Strike
2021-10-14Palo Alto Networks Unit 42Daiping Liu, Jin Chen, Leo Olson, Wayne Xin, Yue Guan
Attackers Are Taking Advantage of the Open-Source Service Interactsh for Malicious Purposes
2021-10-07Palo Alto Networks Unit 42Peter Renals
SilverTerrier – Nigerian Business Email Compromise
2021-09-30Palo Alto Networks Unit 42Brady Stout
Credential Harvesting at Scale Without Malware
2021-09-15Palo Alto Networks Unit 42Anna Chung, Swetha Balla
Phishing Eager Travelers
Dridex
2021-09-10Palo Alto Networks Unit 42Lucas Hu
PhishingJS: A Deep Learning Model for JavaScript-Based Phishing Detection
2021-08-30Palo Alto Networks Unit 42Brock Mammen, Haozhe Zhang
New Mirai Variant Targets WebSVN Command Injection Vulnerability (CVE-2021-32305)
Mirai