Click here to download all references as Bib-File.
| 2022-01-20 ⋅ Palo Alto Networks Unit 42 ⋅ Threat Brief: Ongoing Russia and Ukraine Cyber Conflict WhisperGate |
| 2021-12-29 ⋅ Palo Alto Networks Unit 42 ⋅ Strategically Aged Domain Detection: Capture APT Attacks With DNS Traffic Trends Chrysaor SUNBURST |
| 2021-12-02 ⋅ Palo Alto Networks Unit 42 ⋅ APT Expands Attack on ManageEngine With Active Campaign Against ServiceDesk Plus Godzilla Webshell |
| 2021-11-17 ⋅ Twitter (@Unit42_Intel) ⋅ Tweet on Matanbuchus Loader used to deliver Qakbot (tag obama128b) and follow-up CobaltStrike Cobalt Strike QakBot |
| 2021-11-07 ⋅ Palo Alto Networks Unit 42 ⋅ Targeted Attack Campaign Against ManageEngine ADSelfService Plus Delivers Godzilla Webshells, NGLite Trojan and KdcSponge Stealer Godzilla Webshell NGLite |
| 2021-11-05 ⋅ Twitter (@Unit42_Intel) ⋅ Tweet on TA551 (Shathak) BazarLoader infection with CobaltStrike and DarkVNC drops BazarBackdoor Cobalt Strike |
| 2021-10-14 ⋅ Palo Alto Networks Unit 42 ⋅ Attackers Are Taking Advantage of the Open-Source Service Interactsh for Malicious Purposes |
| 2021-10-07 ⋅ Palo Alto Networks Unit 42 ⋅ SilverTerrier – Nigerian Business Email Compromise |
| 2021-09-30 ⋅ Palo Alto Networks Unit 42 ⋅ Credential Harvesting at Scale Without Malware |
| 2021-09-15 ⋅ Palo Alto Networks Unit 42 ⋅ Phishing Eager Travelers Dridex |
| 2021-09-10 ⋅ Palo Alto Networks Unit 42 ⋅ PhishingJS: A Deep Learning Model for JavaScript-Based Phishing Detection |
| 2021-08-30 ⋅ Palo Alto Networks Unit 42 ⋅ New Mirai Variant Targets WebSVN Command Injection Vulnerability (CVE-2021-32305) Mirai |
| 2021-08-24 ⋅ Palo Alto Networks Unit 42 ⋅ Ransomware Groups to Watch: Emerging Threats HelloKitty AvosLocker HelloKitty hive LockBit |
| 2021-07-30 ⋅ Twitter (@Unit42_Intel) ⋅ Tweet on BazarLoader infection leading to cobaltstrike and Powershell script file for PrintNightmare vulnerability BazarBackdoor Cobalt Strike |
| 2021-07-27 ⋅ Palo Alto Networks Unit 42 ⋅ THOR: Previously Unseen PlugX Variant Deployed During Microsoft Exchange Server Attacks by PKPLUG Group PlugX |
| 2021-07-19 ⋅ Palo Alto Networks Unit 42 ⋅ Evade Sandboxes With a Single Bit – the Trap Flag lampion |
| 2021-07-15 ⋅ Palo Alto Networks Unit 42 ⋅ Mespinoza Ransomware Gang Calls Victims “Partners,” Attacks with Gasket, "MagicSocks" Tools Gasket Mespinoza |
| 2021-07-06 ⋅ paloalto Networks Unit 42 ⋅ Understanding REvil: The Ransomware Gang Behind the Kaseya Attack Gandcrab REvil |
| 2021-07-03 ⋅ Palo Alto Networks Unit 42 ⋅ Threat Brief: Kaseya VSA Ransomware Attack REvil |
| 2021-06-18 ⋅ Palo Alto Networks Unit 42 ⋅ Conti Ransomware Gang: An Overview Conti |