Click here to download all references as Bib-File.•
| 2025-06-13
⋅
Twitter (@Unit42_Intel)
⋅
Tweet about APT27 SysUpdate activity HyperSSL HyperSSL |
| 2025-04-29
⋅
paloalto Netoworks: Unit42
⋅
Gremlin Stealer: New Stealer on Sale in Underground Forum Gremlin |
| 2025-01-17
⋅
Twitter (@Unit42_Intel)
⋅
Tweet about affiliates of DarkScorpius using Social Engineering via MS Teams UNC4393 |
| 2024-10-10
⋅
paloalto Netoworks: Unit42
⋅
Lynx Ransomware: A Rebranding of INC Ransomware INC Lynx |
| 2024-04-16
⋅
paloalto Netoworks: Unit42
⋅
ContactForms campaign pushing SSLoad malware SSLoad |
| 2024-04-11
⋅
paloalto Netoworks: Unit42
⋅
Contact Forms Campaign Pushes SSLoad Malware SSLoad |
| 2024-03-05
⋅
CIP
⋅
Semi-Annual Chronicles of UAC-0006 Operations SmokeLoader |
| 2023-09-15
⋅
paloalto Netoworks: Unit42
⋅
Threat Group Assessment: Muddled Libra |
| 2023-07-20
⋅
paloalto Netoworks: Unit42
⋅
Threat Group Assessment: Mallox Ransomware TargetCompany |
| 2023-05-09
⋅
paloalto Netoworks: Unit42
⋅
Threat Assessment: Royal Ransomware Royal Ransom Royal Ransom |
| 2023-04-11
⋅
Twitter (@Unit42_Intel)
⋅
Tweet on change of IcedID backconnect traffic port from 8080 to 443 IcedID |
| 2023-01-18
⋅
Palo Alto Networks Unit 42
⋅
Chinese Playful Taurus Activity in Iran turian |
| 2022-12-20
⋅
Palo Alto Networks Unit 42
⋅
Russia’s Trident Ursa (aka Gamaredon APT) Cyber Conflict Operations Unwavering Since Invasion of Ukraine Unidentified VBS 005 (Telegram Loader) |
| 2022-11-03
⋅
paloalto Netoworks: Unit42
⋅
Cobalt Strike Analysis and Tutorial: Identifying Beacon Team Servers in the Wild Cobalt Strike |
| 2022-10-31
⋅
paloalto Netoworks: Unit42
⋅
Banking Trojan Techniques: How Financially Motivated Malware Became Infrastructure Dridex Kronos TrickBot Zeus |
| 2022-07-18
⋅
Palo Alto Networks Unit 42
⋅
Clean Ursa PowerShower Inception Framework |
| 2022-03-24
⋅
paloalto Netoworks: Unit42
⋅
Threat Brief: Lapsus$ Group RedLine Stealer |
| 2022-03-16
⋅
paloalto Netoworks: Unit42
⋅
Cobalt Strike Analysis and Tutorial: How Malleable C2 Profiles Make Cobalt Strike Difficult to Detect Cobalt Strike |
| 2022-01-17
⋅
Github (pan-unit42)
⋅
IOCs for Astaroth/Guildma malware infection Astaroth |
| 2021-11-17
⋅
Twitter (@Unit42_Intel)
⋅
Tweet on Matanbuchus Loader used to deliver Qakbot (tag obama128b) and follow-up CobaltStrike Cobalt Strike QakBot |