Click here to download all references as Bib-File.
2021-01-07 ⋅ Palo Alto Networks Unit 42 ⋅ TA551: Email Attack Campaign Switches from Valak to IcedID IcedID |
2020-12-23 ⋅ Palo Alto Networks Unit 42 ⋅ A Timeline Perspective of the SolarStorm Supply-Chain Attack SUNBURST TEARDROP |
2020-12-17 ⋅ Palo Alto Networks Unit 42 ⋅ SUPERNOVA: SolarStorm’s Novel .NET Webshell SUPERNOVA |
2020-12-14 ⋅ Palo Alto Networks Unit 42 ⋅ PyMICROPSIA: New Information-Stealing Trojan from AridViper |
2020-12-14 ⋅ Palo Alto Networks Unit 42 ⋅ Threat Brief: SolarStorm and SUNBURST Customer Coverage Cobalt Strike SUNBURST |
2020-12-10 ⋅ Palo Alto Networks Unit 42 ⋅ PGMiner: New Cryptocurrency Mining Botnet Delivered via PostgreSQL |
2020-12-10 ⋅ Palo Alto Networks Unit 42 ⋅ Threat Brief: FireEye Red Team Tool Breach Cobalt Strike |
2020-12-09 ⋅ Palo Alto Networks Unit 42 ⋅ njRAT Spreading Through Active Pastebin Command and Control Tunnel NjRAT |
2020-12-08 ⋅ Palo Alto Networks Unit 42 ⋅ Threat Assessment: Egregor Ransomware Egregor |
2020-11-09 ⋅ Palo Alto Networks Unit 42 ⋅ xHunt Campaign: Newly Discovered Backdoors Using Deleted Email Drafts and DNS Tunneling for Command and Control Snugy |
2020-11-09 ⋅ Palo Alto Networks Unit 42 ⋅ A Closer Look at the Web Skimmer |
2020-11-06 ⋅ Palo Alto Networks Unit 42 ⋅ When Threat Actors Fly Under the Radar: Vatet, PyXie and Defray777 PyXie RansomEXX |
2020-11-06 ⋅ Palo Alto Networks Unit 42 ⋅ Indicators of Compromise related to Cobaltstrike, PyXie Lite, Vatet and Defray777 Cobalt Strike PyXie RansomEXX |
2020-11-06 ⋅ Palo Alto Networks Unit 42 ⋅ Last, but Not Least: Defray777 PyXie RansomEXX |
2020-11-06 ⋅ Palo Alto Networks Unit 42 ⋅ Next Up: “PyXie Lite” Defray PyXie |
2020-11-06 ⋅ Palo Alto Networks Unit 42 ⋅ Linking Vatet, PyXie and Defray777 PyXie RansomEXX |
2020-10-29 ⋅ Palo Alto Networks Unit 42 ⋅ Threat Assessment: Ryuk Ransomware and Trickbot Targeting U.S. Healthcare and Public Health Sector Anchor BazarBackdoor Ryuk TrickBot |
2020-10-29 ⋅ Palo Alto Networks Unit 42 ⋅ Domain Parking: A Gateway to Attackers Spreading Emotet and Impersonating McAfee Emotet |
2020-10-14 ⋅ Palo Alto Networks Unit 42 ⋅ Two New IoT Vulnerabilities Identified with Mirai Payloads Mirai |
2020-10-05 ⋅ paloalto Networks Unit 42 ⋅ Black-T: New Cryptojacking Variant from TeamTnT |