Tag: Unit 42
-
Unit 42: Serverless Tokens in the Cloud: Exploitation and Detections
Source URL: https://unit42.paloaltonetworks.com/serverless-authentication-cloud/ Source: Unit 42 Title: Serverless Tokens in the Cloud: Exploitation and Detections Feedly Summary: Understand the mechanics of serverless authentication: three simulated attacks across major CSPs offer effective approaches for application developers. The post Serverless Tokens in the Cloud: Exploitation and Detections appeared first on Unit 42. AI Summary and Description: Yes…
-
Unit 42: The Evolution of Linux Binaries in Targeted Cloud Operations
Source URL: https://unit42.paloaltonetworks.com/elf-based-malware-targets-cloud/ Source: Unit 42 Title: The Evolution of Linux Binaries in Targeted Cloud Operations Feedly Summary: Using data from machine learning tools, we predict a surge in cloud attacks leveraging reworked Linux Executable and Linkage Format (ELF) files. The post The Evolution of Linux Binaries in Targeted Cloud Operations appeared first on Unit…
-
Unit 42: Blitz Malware: A Tale of Game Cheats and Code Repositories
Source URL: https://unit42.paloaltonetworks.com/blitz-malware-2025/ Source: Unit 42 Title: Blitz Malware: A Tale of Game Cheats and Code Repositories Feedly Summary: Blitz malware, active since 2024 and updated in 2025, was spread via game cheats. We discuss its infection vector and abuse of Hugging Face for C2. The post Blitz Malware: A Tale of Game Cheats and…
-
Unit 42: Lost in Resolution: Azure OpenAI’s DNS Resolution Issue
Source URL: https://unit42.paloaltonetworks.com/azure-openai-dns-resolution/ Source: Unit 42 Title: Lost in Resolution: Azure OpenAI’s DNS Resolution Issue Feedly Summary: We discovered an Azure OpenAI misconfiguration allowing shared domains, potentially leading to data leaks. Microsoft quickly resolved the issue. The post Lost in Resolution: Azure OpenAI’s DNS Resolution Issue appeared first on Unit 42. AI Summary and Description:…
-
Unit 42: How Good Are the LLM Guardrails on the Market? A Comparative Study on the Effectiveness of LLM Content Filtering Across Major GenAI Platforms
Source URL: https://unit42.paloaltonetworks.com/comparing-llm-guardrails-across-genai-platforms/ Source: Unit 42 Title: How Good Are the LLM Guardrails on the Market? A Comparative Study on the Effectiveness of LLM Content Filtering Across Major GenAI Platforms Feedly Summary: We compare the effectiveness of content filtering guardrails across major GenAI platforms and identify common failure cases across different systems. The post How…
-
Unit 42: Stealthy .NET Malware: Hiding Malicious Payloads as Bitmap Resources
Source URL: https://unit42.paloaltonetworks.com/malicious-payloads-as-bitmap-resources-hide-net-malware/ Source: Unit 42 Title: Stealthy .NET Malware: Hiding Malicious Payloads as Bitmap Resources Feedly Summary: Unit 42 details a new malware obfuscation technique where threat actors hide malware in bitmap resources within .NET applications. These deliver payloads like Agent Tesla or XLoader. The post Stealthy .NET Malware: Hiding Malicious Payloads as Bitmap…
-
Unit 42: AI Agents Are Here. So Are the Threats.
Source URL: https://unit42.paloaltonetworks.com/?p=140037 Source: Unit 42 Title: AI Agents Are Here. So Are the Threats. Feedly Summary: Programs leveraging AI agents are increasingly popular. Nine attack scenarios using open-source agent frameworks show how bad actors target these applications. The post AI Agents Are Here. So Are the Threats. appeared first on Unit 42. AI Summary…
-
Unit 42: Extortion and Ransomware Trends January-March 2025
Source URL: https://unit42.paloaltonetworks.com/2025-ransomware-extortion-trends/ Source: Unit 42 Title: Extortion and Ransomware Trends January-March 2025 Feedly Summary: Ransomware leak site data and Unit 42 case studies reveal new trends from Q1 2025, including the most active groups, targeted industries and novel extortion tactics. The post Extortion and Ransomware Trends January-March 2025 appeared first on Unit 42. AI…
-
Unit 42: False Face: Unit 42 Demonstrates the Alarming Ease of Synthetic Identity Creation
Source URL: https://unit42.paloaltonetworks.com/?p=139512 Source: Unit 42 Title: False Face: Unit 42 Demonstrates the Alarming Ease of Synthetic Identity Creation Feedly Summary: North Korean IT workers are reportedly using real-time deepfakes to secure remote work, raising serious security concerns. We explore the implications. The post False Face: Unit 42 Demonstrates the Alarming Ease of Synthetic Identity…