Fake North Korean IT Worker Linked to BeaverTail Video Conference App Phishing Attack Executive SummaryUnit 42 researchers identified a North Korean IT worker activity... 2024-11-15 07:0:12 | 阅读: 49 | 收藏 | Unit 42 - unit42.paloaltonetworks.com north sta 0237 korean cloud

Global Companies Are Unknowingly Paying North Koreans: Here’s How to Catch Them Executive SummaryWorkers with allegiances to the... 2024-11-13 19:0:36 | 阅读: 9 | 收藏 | Unit 42 - unit42.paloaltonetworks.com dprk remote subcategory security lowercase

ModeLeak: Privilege Escalation to LLM Model Exfiltration in Vertex AI Executive SummaryIn the race to gain a competitive edge, organizations are increas... 2024-11-12 19:0:11 | 阅读: 12 | 收藏 | Unit 42 - unit42.paloaltonetworks.com gcp vertex malicious llm tuning

Silent Skimmer Gets Loud (Again) Executive SummaryIn late May 2024, Unit 42 researchers observed an adversary compr... 2024-11-7 19:0:13 | 阅读: 13 | 收藏 | Unit 42 - unit42.paloaltonetworks.com reverse c2 loader ringq powershell

Automatically Detecting DNS Hijacking in Passive DNS Executive SummaryIn this article, we explain our process of detecting domain name... 2024-11-5 07:0:48 | 阅读: 24 | 收藏 | Unit 42 - unit42.paloaltonetworks.com hijacking uts hu hijacked pdns

TA Phone Home: EDR Evasion Testing Reveals Extortion Actor's Toolkit Executive SummaryThis article reviews an incident where a threat actor unsuccessfu... 2024-11-2 06:0:12 | 阅读: 19 | 收藏 | Unit 42 - unit42.paloaltonetworks.com bypass rogue cobalt kernelmode machine

Jumpy Pisces Engages in Play Ransomware Executive SummaryUnit 42 has identified Jumpy Pisces, a North Korean state-sponsor... 2024-10-30 18:0:29 | 阅读: 55 | 收藏 | Unit 42 - unit42.paloaltonetworks.com ransomware jumpy pisces attackers north

Deceptive Delight: Jailbreak LLMs Through Camouflage and Distraction Executive SummaryThis article introduces a simple and straightforward technique fo... 2024-10-23 18:0:55 | 阅读: 10 | 收藏 | Unit 42 - unit42.paloaltonetworks.com jailbreak harmful asr delight deceptive

Gatekeeper Bypass: Uncovering Weaknesses in a macOS Security Mechanism Executive SummaryUnit 42 researchers have found that certain third-party utilities... 2024-10-17 18:0:5 | 阅读: 5 | 收藏 | Unit 42 - unit42.paloaltonetworks.com security software bypass developers 7z

Unit 42 Looks Toward the Threat Frontier: Preparing for Emerging AI Risks Executive SummaryThe Unit 42 Threat Frontier report is our look forward to the fut... 2024-10-16 18:30:21 | 阅读: 9 | 收藏 | Unit 42 - unit42.paloaltonetworks.com security attackers genai palo defenders

Lynx Ransomware: A Rebranding of INC Ransomware Executive SummaryIn July 2024, researchers from Palo Alto Networks discovered a su... 2024-10-11 05:0:46 | 阅读: 140 | 收藏 | Unit 42 - unit42.paloaltonetworks.com ransomware lynx alto palo drives

Contagious Interview: DPRK Threat Actors Lure Tech Industry Job Seekers to Install New Variants of BeaverTail and InvisibleFerret Malware Executive SummaryUnit 42 has tracked activity from threat actors associated with t... 2024-10-9 18:0:54 | 阅读: 81 | 收藏 | Unit 42 - unit42.paloaltonetworks.com beavertail windows python cortex

No Way to Hide: Uncovering New Campaigns from Daily Tunneling Detection Executive SummaryThis article reviews four previously undisclosed domain name syst... 2024-10-5 05:0:3 | 阅读: 14 | 收藏 | Unit 42 - unit42.paloaltonetworks.com tunneling rootdom nameserver c2 ns500505

Detecting Vulnerability Scanning Traffic From Underground Tools Using Machine Learning Executive SummaryResearchers at Palo Alto Networks discovered an automated scannin... 2024-10-1 18:0:5 | 阅读: 32 | 收藏 | Unit 42 - unit42.paloaltonetworks.com injection cloud machine malicious security

Unraveling Sparkling Pisces’s Tool Set: KLogEXE and FPSpy Executive SummaryUnit 42 researchers discovered two malware samples used by the Sp... 2024-9-26 18:0:51 | 阅读: 23 | 收藏 | Unit 42 - unit42.paloaltonetworks.com klogexe fpspy sparkling pisces powershell

Investigating Infrastructure and Tactics of Phishing-as-a-Service Platform Sniper Dz Executive SummaryWe have been monitoring a widely popular phishing-as-a-service (P... 2024-9-25 05:0:32 | 阅读: 83 | 收藏 | Unit 42 - unit42.paloaltonetworks.com phishing dz sniper proxy phaas

Inside SnipBot: The Latest RomCom Malware Variant Executive SummaryWe recently discovered a novel version of the RomCom malware fami... 2024-9-24 05:0:55 | 阅读: 112 | 收藏 | Unit 42 - unit42.paloaltonetworks.com c2 attacker snipbot download

Discovering Splinter: A First Look at a New Post-Exploitation Red Team Tool Executive SummaryThis article discusses the discovery of a new post-exploitation r... 2024-9-19 18:0:43 | 阅读: 20 | 收藏 | Unit 42 - unit42.paloaltonetworks.com splinter c2 wildfire analysis attacker

Gleaming Pisces Poisoned Python Packages Campaign Delivers PondRAT Linux and MacOS Backdoors Executive SummaryUnit 42 researchers have been tracking the activity of an ongoing... 2024-9-19 05:0:59 | 阅读: 27 | 收藏 | Unit 42 - unit42.paloaltonetworks.com poolrat pondrat gleaming pisces

Phishing Pages Delivered Through Refresh HTTP Response Header Executive SummaryUnit 42 researchers observed many large-scale phishing campaigns... 2024-9-11 18:0:5 | 阅读: 15 | 收藏 | Unit 42 - unit42.paloaltonetworks.com phishing malicious recipient attackers hxxps