Latest Blogs

POPULAR BLOGS

Popular Topics

SOC
Cloud Security
AI
Cortex XDR
Prisma SASE
Interview

Unit 42 Threat Research

company article
Threat Brief Threat Briefs and Assessments
Threat Brief: Operation MidnightEclipse, Post-Exploitation Activi...
We detail Operation MidnightEclipse, a campaign exploiting command injection vulnerability CVE-2024-3400, and include protections and mitigations....
April 12, 2024
By  Unit 42
company article
Cloud
Muddled Libra’s Evolution to the Cloud
Muddled Libra now actively targets CSP environments and SaaS applications. Using the MITRE ATT&CK framework, we outline observed TTPs from incident response....
April 9, 2024
By  Margaret Zimmermann
company article
Malware
It Was Not Me! Malware-Initiated Vulnerability Scanning Is on the...
We describe the characteristics of malware-initiated scanning attacks. These attacks differ from direct scanning and are increasing according to our data....
April 8, 2024
By  Beliz Kaleli , Fang Liu , Peng Peng , Alex Starov , Joey Allen , Stefan Springer
company article
Cloud Threat Brief Threat Briefs and Assessments Vulnerability
Threat Brief: Vulnerability in XZ Utils Data Compression Library ...
An overview of CVE-2024-3094, a vulnerability in XZ Utils, and information about how to mitigate....
March 30, 2024
By  Unit 42
company article
Vulnerability
Exposing a New BOLA Vulnerability in Grafana
Unit 42 researchers discovered CVE-2024-1313, a broken object level authorization (BOLA) vulnerability in open-source data visualization platform Grafana. ...
March 27, 2024
By  Ravid Mazon , Jay Chen
company article
Malware
ASEAN Entities in the Spotlight: Chinese APT Group Targeting
We analyze the actions of two separate Chinese APTs — including Stately Taurus — that targeted ASEAN-affiliated entities through different methods....
March 26, 2024
By  Unit 42
company article
Malware
Large-Scale StrelaStealer Campaign in Early 2024
We unravel the details of two large-scale StrelaStealer campaigns from 2023 and 2024. This email credential stealer has a new variant delivered through zipped J...
March 22, 2024
By  Benjamin Chang , Goutam Tripathy , Pranay Kumar Chhaparwal , Anmol Maurya , Vishwa Thothathri
company article
Malware
Curious Serpens’ FalseFont Backdoor: Technical Analysis, Detectio...
Iran-linked APT Curious Serpens is using a new backdoor, FalseFont, to target the aerospace and defense industries through fake job recruitment....
March 21, 2024
By  Tom Fakterman , Daniel Frank , Jerome Tujague
See all Unit 42 threat research

Subscribe to the Newsletter!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.

By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.

Get the latest news, invites to events, and threat alerts

Popular Resources

Legal Notices

Popular Links