2021-04-15Palo Alto Networks Unit 42Robert Falcone
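% Inner braces protect product names from style recasing.
@online{falcone:20210415:actor:8428e3f,
  author       = {Falcone, Robert},
  title        = {Actor Exploits {Microsoft Exchange Server} Vulnerabilities, {Cortex XDR} Blocks Harvesting of Credentials},
  date         = {2021-04-15},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/exchange-server-credential-harvesting/},
  language     = {English},
  urldate      = {2021-04-19},
}
Actor Exploits Microsoft Exchange Server Vulnerabilities, Cortex XDR Blocks Harvesting of Credentials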
CHINACHOPPER
2021-04-13Palo Alto Networks Unit 42Doel Santos
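% Inner braces protect the malware family name from style recasing.
@online{santos:20210413:threat:7154f80,
  author       = {Santos, Doel},
  title        = {Threat Assessment: {Clop} Ransomware},
  date         = {2021-04-13},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/clop-ransomware/},
  language     = {English},
  urldate      = {2021-04-14},
}
Threat Assessment: Clop Ransomware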
Clop
2021-04-09Palo Alto Networks Unit 42Yanhui Jia, Chris Navarrete
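% Inner braces protect the malware family name from style recasing.
@online{jia:20210409:emotet:c376dd2,
  author       = {Jia, Yanhui and Navarrete, Chris},
  title        = {{Emotet} Command and Control Case Study},
  date         = {2021-04-09},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/emotet-command-and-control/},
  language     = {English},
  urldate      = {2021-04-12},
}
Emotet Command and Control Case Study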
Emotet
2021-04-08Palo Alto Networks Unit 42Ken Hsu, Vaibhav Singhal, Ashutosh Chitwadgi
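% Inner braces protect the abbreviation from style recasing.
@online{hsu:20210408:attackers:c68051d,
  author       = {Hsu, Ken and Singhal, Vaibhav and Chitwadgi, Ashutosh},
  title        = {Attackers Conducting Cryptojacking Operation Against {U.S.} Education Organizations},
  date         = {2021-04-08},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/attackers-conducting-cryptojacking-u-s-education-organizations/},
  language     = {English},
  urldate      = {2021-04-12},
}
Attackers Conducting Cryptojacking Operation Against U.S. Education Organizations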
2021-04-07Palo Alto Networks Unit 42Brad Duncan
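% Inner braces protect the tool and malware family names from style recasing.
@online{duncan:20210407:wireshark:3c806d8,
  author       = {Duncan, Brad},
  title        = {{Wireshark} Tutorial: Examining Traffic from {Hancitor} Infections},
  date         = {2021-04-07},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/wireshark-tutorial-hancitor-followup-malware/},
  language     = {English},
  urldate      = {2021-04-12},
}
Wireshark Tutorial: Examining Traffic from Hancitor Infections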
Hancitor
2021-04-05Palo Alto Networks Unit 42Ashutosh Chitwadgi, Ashkan Hosseini
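% Inner braces protect the acronym from style recasing.
@online{chitwadgi:20210405:2020:cc3fe6d,
  author       = {Chitwadgi, Ashutosh and Hosseini, Ashkan},
  title        = {2020 Phishing Trends With {PDF} Files},
  date         = {2021-04-05},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/phishing-trends-with-pdf-files/},
  language     = {English},
  urldate      = {2021-04-12},
}
2020 Phishing Trends With PDF Files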
2021-04-01Palo Alto Networks Unit 42Vijay Prakash, Brad Duncan
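% Inner braces protect the tool name and acronym from style recasing.
@online{prakash:20210401:wireshark:4778091,
  author       = {Prakash, Vijay and Duncan, Brad},
  title        = {{Wireshark} Tutorial: Decrypting {RDP} Traffic},
  date         = {2021-04-01},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/wireshark-tutorial-decrypting-rdp-traffic/},
  language     = {English},
  urldate      = {2021-04-09},
}
Wireshark Tutorial: Decrypting RDP Traffic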
2021-04-01Palo Alto Networks Unit 42Brad Duncan
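% Inner braces protect the malware family and tool names from style recasing.
@online{duncan:20210401:hancitors:8876ca1,
  author       = {Duncan, Brad},
  title        = {{Hancitor’s} Use of {Cobalt Strike} and a Noisy Network Ping Tool},
  date         = {2021-04-01},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/hancitor-infections-cobalt-strike/},
  language     = {English},
  urldate      = {2021-04-06},
}
Hancitor’s Use of Cobalt Strike and a Noisy Network Ping Tool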
Cobalt Strike Hancitor
2021-03-26Palo Alto Networks Unit 42Aviv Sasson
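% Inner braces protect the service name from style recasing.
@online{sasson:20210326:20:5d030d7,
  author       = {Sasson, Aviv},
  title        = {20 Million Miners: Finding Malicious Cryptojacking Images in {Docker Hub}},
  date         = {2021-03-26},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/malicious-cryptojacking-images/},
  language     = {English},
  urldate      = {2021-03-31},
}
20 Million Miners: Finding Malicious Cryptojacking Images in Docker Hub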
2021-03-26Palo Alto Networks Unit 42Unit 42
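% "Unit 42" is a team name: the extra braces stop it being split into a first and last name.
% The citation key is left as published so existing citations still resolve.
@online{42:20210326:threat:343faf5,
  author       = {{Unit 42}},
  title        = {Threat Assessment: {Matrix} Ransomware},
  date         = {2021-03-26},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/matrix-ransomware/},
  language     = {English},
  urldate      = {2021-03-30},
}
Threat Assessment: Matrix Ransomware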
Matrix Ransom
2021-03-24Palo Alto Networks Unit 42Lucas Hu
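% Inner braces protect the disease and brand names from style recasing.
@online{hu:20210324:fake:c715b76,
  author       = {Hu, Lucas},
  title        = {Fake Websites Used in {COVID-19} Themed Phishing Attacks, Impersonating Brands Like {Pfizer} and {BioNTech}},
  date         = {2021-03-24},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/covid-19-themed-phishing-attacks/},
  language     = {English},
  urldate      = {2021-03-25},
}
Fake Websites Used in COVID-19 Themed Phishing Attacks, Impersonating Brands Like Pfizer and BioNTech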
2021-03-17Palo Alto Networks Unit 42Unit42
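% "Unit42" is a team name: the extra braces mark it as an institutional author.
@techreport{unit42:20210317:ransomware:504cc32,
  author      = {{Unit42}},
  title       = {Ransomware Threat Report 2021},
  date        = {2021-03-17},
  institution = {Palo Alto Networks Unit 42},
  url         = {https://www.paloaltonetworks.com/content/dam/pan/en_US/assets/pdf/reports/Unit_42/unit42-ransomware-threat-report-2021.pdf},
  language    = {English},
  urldate     = {2021-03-19},
}
Ransomware Threat Report 2021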
RansomEXX Dharma DoppelPaymer Gandcrab Mailto Maze Phobos Ransomware RansomEXX REvil Ryuk WastedLocker Zeppelin Ransomware
2021-03-17Palo Alto Networks Unit 42Haozhe Zhang, Vaibhav Singhal, Zhibin Zhang, Jun Du
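% Inner braces protect the botnet and product names and the acronym from style recasing.
@online{zhang:20210317:satori:6a1b4ac,
  author       = {Zhang, Haozhe and Singhal, Vaibhav and Zhang, Zhibin and Du, Jun},
  title        = {{Satori}: {Mirai} Botnet Variant Targeting {Vantage Velocity Field Unit} {RCE} Vulnerability},
  date         = {2021-03-17},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/satori-mirai-botnet-variant-targeting-vantage-velocity-field-unit-rce-vulnerability/},
  language     = {English},
  urldate      = {2021-03-22},
}
Satori: Mirai Botnet Variant Targeting Vantage Velocity Field Unit RCE Vulnerability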
Satori
2021-03-15Palo Alto Networks Unit 42Vaibhav Singhal, Ruchna Nigam, Zhibin Zhang, Asher Davila
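% Inner braces protect the botnet name and the acronym from style recasing.
@online{singhal:20210315:new:d276fac,
  author       = {Singhal, Vaibhav and Nigam, Ruchna and Zhang, Zhibin and Davila, Asher},
  title        = {New {Mirai} Variant Targeting New {IoT} Vulnerabilities, Including in Network Security Devices},
  date         = {2021-03-15},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/mirai-variant-iot-vulnerabilities/},
  language     = {English},
  urldate      = {2021-03-22},
}
New Mirai Variant Targeting New IoT Vulnerabilities, Including in Network Security Devices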
Mirai
2021-03-11Palo Alto Networks Unit 42Unit 42
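% "Unit 42" is a team name: the extra braces stop it being split into a first and last name.
% The citation key is left as published so existing citations still resolve.
@online{42:20210311:microsoft:c51c694,
  author       = {{Unit 42}},
  title        = {{Microsoft Exchange Server} Attack Timeline},
  date         = {2021-03-11},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/microsoft-exchange-server-attack-timeline/},
  language     = {English},
  urldate      = {2021-03-12},
}
Microsoft Exchange Server Attack Timeline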
CHINACHOPPER
2021-03-09Palo Alto Networks Unit 42Unit 42
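% "Unit 42" is a team name: the extra braces stop it being split into a first and last name.
% The citation key is left as published so existing citations still resolve.
@online{42:20210309:remediation:4973903,
  author       = {{Unit 42}},
  title        = {Remediation Steps for the {Microsoft Exchange Server} Vulnerabilities},
  date         = {2021-03-09},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/remediation-steps-for-the-Microsoft-Exchange-Server-vulnerabilities/},
  language     = {English},
  urldate      = {2021-03-11},
}
Remediation Steps for the Microsoft Exchange Server Vulnerabilities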
CHINACHOPPER
2021-03-08Palo Alto Networks Unit 42Jeff White
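% Inner braces protect the product and webshell names from style recasing.
@online{white:20210308:analyzing:9b932a3,
  author       = {White, Jeff},
  title        = {Analyzing Attacks Against {Microsoft Exchange Server} With {China Chopper} Webshells},
  date         = {2021-03-08},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/china-chopper-webshell/},
  language     = {English},
  urldate      = {2021-03-11},
}
Analyzing Attacks Against Microsoft Exchange Server With China Chopper Webshells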
CHINACHOPPER
2021-03-08Palo Alto Networks Unit 42Chris Navarrete, Yanhui Jia, Matthew Tennis, Durgesh Sangvikar, Rongbo Shao
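% Inner braces protect the malware family and month names from style recasing.
@online{navarrete:20210308:attack:6238643,
  author       = {Navarrete, Chris and Jia, Yanhui and Tennis, Matthew and Sangvikar, Durgesh and Shao, Rongbo},
  title        = {Attack Chain Overview: {Emotet} in {December} 2020 and {January} 2021},
  date         = {2021-03-08},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/attack-chain-overview-emotet-in-december-2020-and-january-2021/},
  language     = {English},
  urldate      = {2021-03-11},
}
Attack Chain Overview: Emotet in December 2020 and January 2021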
Emotet
2021-02-19Palo Alto Networks Unit 42Dominik Reichel
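% Inner braces protect the tool and group names from style recasing.
@online{reichel:20210219:ironnetinjector:07c7f33,
  author       = {Reichel, Dominik},
  title        = {{IronNetInjector}: {Turla’s} New Malware Loading Tool},
  date         = {2021-02-19},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/ironnetinjector/},
  language     = {English},
  urldate      = {2021-02-20},
}
IronNetInjector: Turla’s New Malware Loading Tool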
Agent.BTZ TurlaRPC
2021-02-17Palo Alto Networks Unit 42Nathaniel Quist
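% Inner braces protect the campaign name from style recasing.
@online{quist:20210217:watchdog:1cd1353,
  author       = {Quist, Nathaniel},
  title        = {{WatchDog}: Exposing a Cryptojacking Campaign That’s Operated for Two Years},
  date         = {2021-02-17},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/watchdog-cryptojacking/},
  language     = {English},
  urldate      = {2021-02-20},
}
WatchDog: Exposing a Cryptojacking Campaign That’s Operated for Two Years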