
2023-08-01 | Palo Alto Networks Unit 42 | Lior Rochberger
@online{rochberger:20230801:nodestealer:6c972d8,
  author       = {Lior Rochberger},
  title        = {{NodeStealer 2.0 – The Python Version: Stealing Facebook Business Accounts}},
  date         = {2023-08-01},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/nodestealer-2-targets-facebook-business/},
  language     = {English},
  urldate      = {2023-08-21},
}
NodeStealer 2.0 – The Python Version: Stealing Facebook Business Accounts
BitRAT NodeStealer XWorm
2023-07-19 | Palo Alto Networks Unit 42 | Unit 42, Nelson William Gamazo Sanchez, Nathaniel Quist
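% Corporate author: "Unit 42" is wrapped in its own brace group so name parsing
% keeps it as one indivisible name (unbraced it splits into First="Unit", Last="42").
% NOTE(review): "Gamazo Sanchez" may be a compound surname; confirm with the source
% before switching that author to "Last, First" form.
@online{42:20230719:p2pinfect:c1613c2,
  author       = {{Unit 42} and Nelson William Gamazo Sanchez and Nathaniel Quist},
  title        = {{P2PInfect: The Rusty Peer-to-Peer Self-Replicating Worm}},
  date         = {2023-07-19},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/peer-to-peer-worm-p2pinfect/},
  language     = {English},
  urldate      = {2023-07-20},
}
P2PInfect: The Rusty Peer-to-Peer Self-Replicating Worm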
2023-07-12 | Palo Alto Networks Unit 42 | Unit 42
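% Corporate author: the extra braces keep "Unit 42" as one indivisible name
% (unbraced, name parsing splits it into First="Unit", Last="42").
% NOTE(review): same title and date as entry 42:20230712:diplomats:ff60fd1; the URL
% here differs only by its "#post-..." fragment, so this is likely a duplicate of
% that reference. Cite one key consistently.
@online{42:20230712:diplomats:53b84ac,
  author       = {{Unit 42}},
  title        = {{Diplomats Beware: Cloaked Ursa Phishing With a Twist}},
  date         = {2023-07-12},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/cloaked-ursa-phishing/#post-129063-_odp1m3lxt5m2},
  language     = {English},
  urldate      = {2023-07-13},
}
Diplomats Beware: Cloaked Ursa Phishing With a Twist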
2023-07-12 | Palo Alto Networks Unit 42 | Unit 42
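% Corporate author: the extra braces keep "Unit 42" as one indivisible name
% (unbraced, name parsing splits it into First="Unit", Last="42").
% NOTE(review): same title and date as entry 42:20230712:diplomats:53b84ac, whose URL
% only adds a "#post-..." fragment; the two keys likely point at the same report.
@online{42:20230712:diplomats:ff60fd1,
  author       = {{Unit 42}},
  title        = {{Diplomats Beware: Cloaked Ursa Phishing With a Twist}},
  date         = {2023-07-12},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/cloaked-ursa-phishing/},
  language     = {English},
  urldate      = {2023-07-17},
}
Diplomats Beware: Cloaked Ursa Phishing With a Twist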
GraphDrop
2023-05-30 | Palo Alto Networks Unit 42 | Brad Duncan
@online{duncan:20230530:cold:c92393b,
  author       = {Brad Duncan},
  title        = {{Cold as Ice: Answers to Unit 42 Wireshark Quiz for IcedID}},
  date         = {2023-05-30},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/wireshark-quiz-icedid-answers/},
  language     = {English},
  urldate      = {2023-08-10},
}
Cold as Ice: Answers to Unit 42 Wireshark Quiz for IcedID
IcedID PhotoLoader
2023-05-26 | Palo Alto Networks Unit 42 | Unit 42
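% Corporate author: the extra braces keep "Unit 42" as one indivisible name
% (unbraced, name parsing splits it into First="Unit", Last="42").
@online{42:20230526:threat:59dc234,
  author       = {{Unit 42}},
  title        = {{Threat Brief: Attacks on Critical Infrastructure Attributed to Insidious Taurus (aka Volt Typhoon)}},
  date         = {2023-05-26},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/volt-typhoon-threat-brief/},
  language     = {English},
  urldate      = {2023-07-31},
}
Threat Brief: Attacks on Critical Infrastructure Attributed to Insidious Taurus (aka Volt Typhoon)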
2023-05-03 | Palo Alto Networks Unit 42 | Mark Lim, Daniel Raygoza, Bob Jung
@online{lim:20230503:teasing:eef7ae4,
  author       = {Mark Lim and Daniel Raygoza and Bob Jung},
  title        = {{Teasing the Secrets From Threat Actors: Malware Configuration Parsing at Scale}},
  date         = {2023-05-03},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/teasing-secrets-malware-configuration-parsing},
  language     = {English},
  urldate      = {2023-05-04},
}
Teasing the Secrets From Threat Actors: Malware Configuration Parsing at Scale
IcedID PhotoLoader
2023-04-26 | Palo Alto Networks Unit 42 | Unit 42
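% Corporate author: the extra braces keep "Unit 42" as one indivisible name
% (unbraced, name parsing splits it into First="Unit", Last="42").
@online{42:20230426:chinese:3dad965,
  author       = {{Unit 42}},
  title        = {{Chinese Alloy Taurus Updates PingPull Malware}},
  date         = {2023-04-26},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/alloy-taurus/},
  language     = {English},
  urldate      = {2023-04-27},
}
Chinese Alloy Taurus Updates PingPull Malware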
PingPull Sword2033
2023-03-16 | Palo Alto Networks Unit 42 | Frank Lee, Scott Roland
@online{lee:20230316:beeware:1ad83b4,
  author       = {Frank Lee and Scott Roland},
  title        = {{Bee-Ware of Trigona, An Emerging Ransomware Strain}},
  date         = {2023-03-16},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/trigona-ransomware-update/},
  language     = {English},
  urldate      = {2023-03-20},
}
Bee-Ware of Trigona, An Emerging Ransomware Strain
Cryakl MimiKatz Trigona
2023-01-26 | Palo Alto Networks Unit 42 | Mike Harbison, Jen Miller-Osborn
@online{harbison:20230126:chinese:a83622f,
  author       = {Mike Harbison and Jen Miller-Osborn},
  title        = {{Chinese PlugX Malware Hidden in Your USB Devices?}},
  date         = {2023-01-26},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/plugx-variants-in-usbs/},
  language     = {English},
  urldate      = {2023-01-27},
}
Chinese PlugX Malware Hidden in Your USB Devices?
PlugX
2023-01-18 | Palo Alto Networks Unit 42 | Unit42
@online{unit42:20230118:chinese:65e6e4b,
  author       = {Unit42},
  title        = {{Chinese Playful Taurus Activity in Iran}},
  date         = {2023-01-18},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/playful-taurus/},
  language     = {English},
  urldate      = {2023-01-23},
}
Chinese Playful Taurus Activity in Iran
turian
2022-12-27 | Palo Alto Networks Unit 42 | Esmid Idrizovic, Bob Jung, Daniel Raygoza, Sean Hughes
@online{idrizovic:20221227:navigating:4cd52c5,
  author       = {Esmid Idrizovic and Bob Jung and Daniel Raygoza and Sean Hughes},
  title        = {{Navigating the Vast Ocean of Sandbox Evasions}},
  date         = {2022-12-27},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/sandbox-evasion-memory-detection/},
  language     = {English},
  urldate      = {2022-12-29},
}
Navigating the Vast Ocean of Sandbox Evasions
TrickBot Zebrocy
2022-12-20 | Palo Alto Networks Unit 42 | Unit42
@online{unit42:20221220:russias:75dec0c,
  author       = {Unit42},
  title        = {{Russia’s Trident Ursa (aka Gamaredon APT) Cyber Conflict Operations Unwavering Since Invasion of Ukraine}},
  date         = {2022-12-20},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/trident-ursa/},
  language     = {English},
  urldate      = {2023-01-25},
}
Russia’s Trident Ursa (aka Gamaredon APT) Cyber Conflict Operations Unwavering Since Invasion of Ukraine
Unidentified VBS 005 (Telegram Loader)
2022-12-12 | Palo Alto Networks Unit 42 | Oz Soprin, Shachar Roitman
@online{soprin:20221212:precious:3aff93e,
  author       = {Oz Soprin and Shachar Roitman},
  title        = {{Precious Gemstones: The New Generation of Kerberos Attacks}},
  date         = {2022-12-12},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/next-gen-kerberos-attacks/},
  language     = {English},
  urldate      = {2023-02-17},
}
Precious Gemstones: The New Generation of Kerberos Attacks
2022-12-08 | Palo Alto Networks Unit 42 | Dror Alon
@online{alon:20221208:compromised:08b9dac,
  author       = {Dror Alon},
  title        = {{Compromised Cloud Compute Credentials: Case Studies From the Wild}},
  date         = {2022-12-08},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/compromised-cloud-compute-credentials/},
  language     = {English},
  urldate      = {2022-12-13},
}
Compromised Cloud Compute Credentials: Case Studies From the Wild
2022-12-02 | Palo Alto Networks Unit 42 | Dominik Reichel, Esmid Idrizovic, Bob Jung
@online{reichel:20221202:blowing:0698d7a,
  author       = {Dominik Reichel and Esmid Idrizovic and Bob Jung},
  title        = {{Blowing Cobalt Strike Out of the Water With Memory Analysis}},
  date         = {2022-12-02},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/cobalt-strike-memory-analysis/},
  language     = {English},
  urldate      = {2022-12-05},
}
Blowing Cobalt Strike Out of the Water With Memory Analysis
Cobalt Strike
2022-11-21 | Palo Alto Networks Unit 42 | Kristopher Russo
@online{russo:20221121:threat:86205c7,
  author       = {Kristopher Russo},
  title        = {{Threat Assessment: Luna Moth Callback Phishing Campaign}},
  date         = {2022-11-21},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/luna-moth-callback-phishing/},
  language     = {English},
  urldate      = {2022-11-25},
}
Threat Assessment: Luna Moth Callback Phishing Campaign
BazarBackdoor Conti
2022-11-18 | Palo Alto Networks Unit 42 | Akshata Rao, Zong-Yu Wu, Wenjun Hu
@online{rao:20221118:ai:33376a7,
  author       = {Akshata Rao and Zong-Yu Wu and Wenjun Hu},
  title        = {{An AI Based Solution to Detecting the DoubleZero .NET Wiper}},
  date         = {2022-11-18},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/doublezero-net-wiper/},
  language     = {English},
  urldate      = {2022-11-25},
}
An AI Based Solution to Detecting the DoubleZero .NET Wiper
DoubleZero
2022-09-27 | Palo Alto Networks Unit 42 | Mark Lim
@online{lim:20220927:more:5992cc3,
  author       = {Mark Lim},
  title        = {{More Than Meets the Eye: Exposing a Polyglot File That Delivers IcedID}},
  date         = {2022-09-27},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/polyglot-file-icedid-payload/},
  language     = {English},
  urldate      = {2022-09-30},
}
More Than Meets the Eye: Exposing a Polyglot File That Delivers IcedID
PhotoLoader
2022-09-26 | Palo Alto Networks Unit 42 | Daniela Shalev, Itay Gamliel
@online{shalev:20220926:hunting:3489fdb,
  author       = {Daniela Shalev and Itay Gamliel},
  title        = {{Hunting for Unsigned DLLs to Find APTs}},
  date         = {2022-09-26},
  organization = {Palo Alto Networks Unit 42},
  url          = {https://unit42.paloaltonetworks.com/unsigned-dlls/},
  language     = {English},
  urldate      = {2022-09-30},
}
Hunting for Unsigned DLLs to Find APTs
PlugX Raspberry Robin Roshtyak