Unit 42 - Latest Cyber Security Research | Palo Alto Networks

CRITICAL THREAT | High Profile Threats | November 22, 2024

Threat Brief: Operation Lunar Peek, Activity Related to CVE-2024-0012 and CVE-2024-9474 (Updated Nov. 22)

We detail the observed limited activity regarding authentication bypass vulnerability CVE-2024-0012 affecting specific versions of PAN-OS software, and include protections and mitigations.

Threat Research | November 22, 2024

Lateral Movement on macOS: Unique and Popular Techniques and In-the-Wild Examples

High Profile Threats | November 20, 2024

Threat Assessment: Ignoble Scorpius, Distributors of BlackSuit Ransomware


Access the latest threat research

Malware | November 19, 2024

FrostyGoop’s Zoom-In: A Closer Look into the Malware Artifacts, Behaviors and Network Communications

  • BUSTLEBERM
  • FrostyGoop
  • Go

Business Email Compromise | November 14, 2024

Fake North Korean IT Worker Linked to BeaverTail Video Conference App Phishing Attack

  • North Korea
  • Lazarus
  • BeaverTail

Cybercrime | November 13, 2024

Global Companies Are Unknowingly Paying North Koreans: Here’s How to Catch Them

  • Advanced Persistent Threat
  • DPRK
  • North Korea

Understand high profile cyberthreats and vulnerabilities

High Profile Threats | November 22, 2024

Threat Brief: Operation Lunar Peek, Activity Related to CVE-2024-0012 and CVE-2024-9474 (Updated Nov. 22)

We detail the observed limited activity regarding authentication bypass vulnerability CVE-2024-0012 affecting specific versions of PAN-OS software, and include protections and mitigations.

Ransomware | October 10, 2024

Lynx Ransomware: A Rebranding of INC Ransomware

  • Leak site
  • Double extortion

Ransomware | September 10, 2024

Threat Assessment: Repellent Scorpius, Distributors of Cicada3301 Ransomware

  • RaaS
  • Data exfiltration
  • Leak site

Malware | September 9, 2024

Threat Assessment: North Korean Threat Groups

  • North Korea
  • Remote Access Trojan
  • Finance

Vulnerabilities | July 2, 2024

Threat Brief: CVE-2024-6387 OpenSSH RegreSSHion Vulnerability

  • OpenSSH
  • Remote Code Execution
  • SSH

Vulnerabilities | April 12, 2024

Threat Brief: Operation MidnightEclipse, Post-Exploitation Activity Related to CVE-2024-3400 (Updated May 20)

  • MidnightEclipse
  • CVE-2024-3400
  • Upstyle

Cloud Cybersecurity Research | April 9, 2024

Muddled Libra’s Evolution to the Cloud

  • Microsoft Azure
  • Muddled Libra

Watch, listen and learn about cybersecurity topics

Cybersecurity Tutorials | March 1, 2024

Wireshark Tutorial: Exporting Objects From a Pcap


Malware | February 2, 2024

Exploring the Latest Mispadu Stealer Variant


Vulnerabilities | January 1, 2024

Threat Vector Podcast


Cybersecurity Tutorials | October 10, 2023

Wireshark Tutorial: Identifying Hosts and Users


Cybersecurity Tutorials | September 8, 2023

Wireshark Tutorial: Display Filter Expressions


Follow the activities of threat actor groups tracked by Unit 42

Cybercrime | June 27, 2024

Threat Actor Groups Tracked by Palo Alto Networks Unit 42

A comprehensive list of threat actor groups tracked by Unit 42, along with information such as summaries and industries typically impacted.

Business Email Compromise | November 14, 2024

Fake North Korean IT Worker Linked to BeaverTail Video Conference App Phishing Attack

  • North Korea
  • Lazarus
  • BeaverTail

Cybercrime | November 7, 2024

Silent Skimmer Gets Loud (Again)

  • Remote Code Execution
  • Python
  • Reverse shells

Ransomware | October 30, 2024

Jumpy Pisces Engages in Play Ransomware

  • North Korea
  • Jumpy Pisces
  • Fiddling Scorpius

Malware | October 9, 2024

Contagious Interview: DPRK Threat Actors Lure Tech Industry Job Seekers to Install New Variants of BeaverTail and InvisibleFerret Malware

  • North Korea
  • Social engineering
  • Python

Malware | September 26, 2024

Unraveling Sparkling Pisces’s Tool Set: KLogEXE and FPSpy

  • MITRE
  • Keylogger
  • North Korea

Malware | September 18, 2024

Gleaming Pisces Poisoned Python Packages Campaign Delivers PondRAT Linux and MacOS Backdoors

  • Python
  • Cryptocurrency
  • North Korea

Explore in-depth cybersecurity trend reports

Report

Updated: 2024 Unit 42 Incident Response Report

Access our survey of incident data from more than 250 organizations and 600 incidents, updated for summer 2024. You’ll better understand the threats you face, including:

Initial access

  • Attackers exploited software vulnerabilities to gain access 36% more often in 2023 than previous years… and that trend is continuing in 2024.

Data theft tactics

  • In 93% of incidents Unit 42 responded to, threat actors took data indiscriminately rather than searching for specific data.

Plus updated spotlights on attackers, artificial intelligence, predictions (and how we’re doing against them), and more.

Security Technology | October 16, 2024

Unit 42 Looks Toward the Threat Frontier: Preparing for Emerging AI Risks

  • GenAI

Security Technology | August 14, 2024

Unit 42 Attack Surface Threat Research: Over 23% of Internet-Connected Exposures Involve Critical IT and Security Infrastructure

  • Attack analysis
  • Media
  • Attack surface management

Ransomware | August 9, 2024

Ransomware Review: First Half of 2024

  • Healthcare
  • LockBit
  • RansomHub

Cloud Cybersecurity Research | June 18, 2024

Attack Paths Into VMs in the Cloud

  • AWS
  • IaaS
  • Virtual machines