2022-03-24 ⋅ paloalto Networks: Unit42 ⋅ Threat Brief: Lapsus$ Group RedLine Stealer |
2022-03-16 ⋅ paloalto Networks: Unit42 ⋅ Cobalt Strike Analysis and Tutorial: How Malleable C2 Profiles Make Cobalt Strike Difficult to Detect Cobalt Strike |
2022-01-17 ⋅ Github (pan-unit42) ⋅ IOCs for Astaroth/Guildma malware infection Astaroth |
2021-11-17 ⋅ Twitter (@Unit42_Intel) ⋅ Tweet on Matanbuchus Loader used to deliver Qakbot (tag obama128b) and follow-up CobaltStrike Cobalt Strike QakBot |
2021-11-05 ⋅ Twitter (@Unit42_Intel) ⋅ Tweet on TA551 (Shathak) BazarLoader infection with CobaltStrike and DarkVNC drops BazarBackdoor Cobalt Strike |
2021-10-18 ⋅ paloalto Networks: Unit42 ⋅ Case Study: From BazarLoader to Network Reconnaissance BazarBackdoor Cobalt Strike |
2021-08-10 ⋅ paloalto Networks: Unit42 ⋅ New eCh0raix Ransomware Variant Targets QNAP and Synology Network-Attached Storage Devices QNAPCrypt |
2021-07-30 ⋅ Twitter (@Unit42_Intel) ⋅ Tweet on BazarLoader infection leading to cobaltstrike and Powershell script file for PrintNightmare vulnerability BazarBackdoor Cobalt Strike |
2021-03-17 ⋅ Palo Alto Networks Unit 42 ⋅ Ransomware Threat Report 2021 RansomEXX Dharma DoppelPaymer Gandcrab Mailto Maze Phobos RansomEXX REvil Ryuk WastedLocker |
2020-12-14 ⋅ Palo Alto Networks Unit 42 ⋅ PyMICROPSIA: New Information-Stealing Trojan from AridViper |
2020-12-10 ⋅ Palo Alto Networks Unit 42 ⋅ Threat Brief: FireEye Red Team Tool Breach Cobalt Strike |
2020-09-07 ⋅ Github (pan-unit42) ⋅ Collection of recent Dridex IOCs Cutwail Dridex |
2020-01-23 ⋅ Palo Alto Networks Unit 42 ⋅ The Fractured Statue Campaign: U.S. Government Targeted in Spear-Phishing Attacks CARROTBALL CarrotBat Syscon |
2020 ⋅ Palo Alto Networks Unit 42 ⋅ Wastedlocker-ransomware WastedLocker |
2019-10-19 ⋅ Palo Alto Networks Unit 42 ⋅ The Commercial RAT Ecosystem: Unit 42 Identifies the Author of the Sophisticated Commercial RAT Blackremote Within Days of Its Release BlackRemote |
2019-10-15 ⋅ Palo Alto Networks Unit 42 ⋅ Blackremote: Money Money Money – A Swedish Actor Peddles an Expensive New RAT BlackRemote |
2019-01-08 ⋅ paloalto Networks: Unit42 ⋅ DarkHydrus delivers new Trojan that can use Google Drive for C2 communications RogueRobinNET DarkHydrus |
2018-10-25 ⋅ Palo Alto Networks Unit 42 ⋅ New Techniques to Uncover and Attribute Cobalt Gang Commodity Builders and Infrastructure Revealed Cobalt |
2018-08-03 ⋅ Github (Unit42) ⋅ OilRig Playbook OilRig |
2018-04-04 ⋅ Palo Alto Networks Unit 42 ⋅ Smoking Out the Rarog Cryptocurrency Mining Trojan Rarog |