Cloaked Ursa (APT29) Hackers Use Trusted Online Storage Services Executive SummaryOrganizatio... 2022-7-20 00:10:3 | 阅读: 94 | 收藏 | unit42.paloaltonetworks.com agenda malicious lure payload windows

Unit 42 Threat Group Naming Update What’s in a Name?One of the... 2022-7-19 05:0:51 | 阅读: 23 | 收藏 | unit42.paloaltonetworks.com nation modifier readers

Digium Phones Under Attack: Insight Into the Web Shell Implant Executive SummaryInstalling... 2022-7-15 21:0:4 | 阅读: 29 | 收藏 | unit42.paloaltonetworks.com php asterisk hxxp malicious freepbx

Cobalt Strike Analysis and Tutorial: CS Metadata Encryption and Decryption This post is also available i... 2022-7-13 21:0:24 | 阅读: 39 | 收藏 | unit42.paloaltonetworks.com beacon cobalt c2 teamserver encryption

ChromeLoader: New Stubborn Malware Campaign This post is also available i... 2022-7-12 21:0:2 | 阅读: 33 | 收藏 | unit42.paloaltonetworks.com powershell chrome payload malicious

When Pentest Tools Go Brutal: Red-Teaming Tool Being Abused by Malicious Actors This post is also available i... 2022-7-5 21:0:41 | 阅读: 29 | 收藏 | unit42.paloaltonetworks.com ratel c4 windows memory microsoft

FabricScape: Escaping Service Fabric and Taking Over the Cluster This post is also available i... 2022-6-29 07:30:9 | 阅读: 17 | 收藏 | unit42.paloaltonetworks.com fabric microsoft containers clusters malicious

There Is More Than One Way to Sleep: Dive Deep Into the Implementations of API Hammering by Various Malware Families This post is also available i... 2022-6-24 21:0:13 | 阅读: 19 | 收藏 | unit42.paloaltonetworks.com hammering zloader wildfire windows injection

Why Are My Junctions Not Followed? Exploring Windows Redirection Trust Mitigation This post is also available i... 2022-6-15 06:0:29 | 阅读: 36 | 收藏 | unit42.paloaltonetworks.com redirection junctions junction privileged windows

GALLIUM Expands Targeting Across Telecommunications, Government and Finance Sectors With New PingPull Tool This post is also available i... 2022-6-13 18:0:49 | 阅读: 35 | 收藏 | unit42.paloaltonetworks.com pingpull c2 icmp hinitial x07

Exposing HelloXD Ransomware and x4k This post is also available i... 2022-6-11 09:0:53 | 阅读: 35 | 收藏 | unit42.paloaltonetworks.com x4k ransomware helloxd l4cky packer

LockBit 2.0: How This RaaS Operates and How to Protect Against It This post is also available i... 2022-6-9 21:0:27 | 阅读: 23 | 收藏 | unit42.paloaltonetworks.com lockbit ransomware security xsoar spyware

Threat Brief: Atlassian Confluence Remote Code Execution Vulnerability (CVE-2022-26134) (Updated) This post is also available i... 2022-6-4 08:0:48 | 阅读: 42 | 收藏 | unit42.paloaltonetworks.com atlassian cortex 26134 xpanse alto

Understanding REvil: REvil Threat Actors May Have Returned (Updated) This post is also available i... 2022-6-4 04:0:0 | 阅读: 24 | 收藏 | unit42.paloaltonetworks.com ransomware victim utilized rutor software

Popping Eagle: How We Leveraged Global Analytics to Discover a Sophisticated Threat Actor This post is also available i... 2022-6-3 06:0:40 | 阅读: 35 | 收藏 | unit42.paloaltonetworks.com eagle stage cortex remote popo