In the months since the WanaCrypt0r/WannaCry and the Petya/NotPetya attacks, security researchers have delved into the nuts and bolts of these incidents and the malware involved.
Today, Palo Alto Networks Unit 42 researchers are announcing details on a new high-severity vulnerability affecting the Google Android platform. Patches for this vulnerability are...
As part of a new series of regular threat report updates to the public covering different sets of countries from around the EMEA (Europe Middle East and Africa) region, this blog c...
On June 27, 2017, the Petya ransomware began impacting multiple organizations, including government and critical infrastructure operators. The attack spreads using multiple lateral movement techniques, with sim...
In December 2016 I posted the first of a two-part blog series, the second of which posted in April this year, to start a series of regular threat report updates to the public cover...
The WanaCrypt0r ransomware attacks that began on Friday, May 12, 2017, continue to impact systems of public and private organizations worldwide. In this post, I will outline the protections that Traps advanced...
On April 11th 2017, we saw a new malicious spam campaign using United States Postal Service (USPS)-themed emails with links that redirected to fake Microsoft Word online sites. The...
Unit 42 has published a number of articles over the last six months discussing the malicious campaigns, pseudo-Darkleech and EITest. These long-running campaigns have gone through many evolutions since their in...
Recently, Unit 42 has observed attacks against multiple Middle Eastern government organizations using a previously unseen ransomware family. Based on embedded strings within the ma...
In recent months, we've been tracking a malicious spam (malspam) campaign using emails with no message content and an attached zip archive to spread ransomware. We've nicknamed thi...
A recent malicious Microsoft Word document we analyzed downloaded a ransomware variant, “SAGE 2.0” (Sage Locker), which is a spin-off from CryLocker. This ransomware has been slowly making the rounds la...
EITest is a name originally coined by Malwarebytes Labs in 2014 to describe a campaign that uses exploit kits (EKs) to deliver malware. Until early January 2016, "EITest" was used...
Darkleech is a long-running campaign that uses exploit kits (EKs) to deliver malware. First identified in 2012, this campaign has used different EKs to distribute various types of malware during the past few year...
This post is part of an ongoing blog series examining “Sure Things” (predictions that are almost guaranteed to happen) and “Long Shots” (predictions that are less likely to happen)...
Sit back and relax. Let us do the information gathering and give you the channel scoop. *To access content on the Partner Portal you must be a Palo Alto Networks NextWave channel partner and have a valid user name and password. Email NextWave@paloaltonetworks.com to requ...