Unit 42 – Page 5 – Experimental News Clipping Site

Threat Research Archives – Unit 42: Stealers on the Rise: A Closer Look at a Growing macOS Threat

Mar 10, 2025

—

by

Source URL: https://unit42.paloaltonetworks.com/macos-stealers-growing/ Source: Threat Research Archives – Unit 42 Title: Stealers on the Rise: A Closer Look at a Growing macOS Threat Feedly Summary: AI Summary and Description: Yes Summary: The text discusses the rise in macOS infostealer malware, specifically highlighting three notable types: Atomic Stealer, Poseidon Stealer, and Cthulhu Stealer. This increase poses…

Unit 42: Multiple Vulnerabilities Discovered in a SCADA System

Mar 7, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://unit42.paloaltonetworks.com/vulnerabilities-in-iconics-software-suite/ Source: Unit 42 Title: Multiple Vulnerabilities Discovered in a SCADA System Feedly Summary: We identified multiple vulnerabilities in ICONICS Suite, SCADA software used in numerous OT applications. This article offers a technical analysis of our findings. The post Multiple Vulnerabilities Discovered in a SCADA System appeared first on Unit 42. AI Summary…

Unit 42: The Next Level: Typo DGAs Used in Malicious Redirection Chains

Mar 6, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://unit42.paloaltonetworks.com/?p=138551 Source: Unit 42 Title: The Next Level: Typo DGAs Used in Malicious Redirection Chains Feedly Summary: A graph intelligence-based pipeline and WHOIS data are among the tools we used to identify this campaign, which introduced a variant of domain generation algorithms. The post The Next Level: Typo DGAs Used in Malicious Redirection…

Unit 42: Beneath the Surface: Detecting and Blocking Hidden Malicious Traffic Distribution Systems

Mar 5, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://unit42.paloaltonetworks.com/?p=138517 Source: Unit 42 Title: Beneath the Surface: Detecting and Blocking Hidden Malicious Traffic Distribution Systems Feedly Summary: A topological analysis and case studies add nuance to a study of malicious traffic distribution systems. We compare their use by attackers to benign systems. The post Beneath the Surface: Detecting and Blocking Hidden Malicious…

Unit 42: Uncovering .NET Malware Obfuscated by Encryption and Virtualization

Mar 3, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://unit42.paloaltonetworks.com/?p=138493 Source: Unit 42 Title: Uncovering .NET Malware Obfuscated by Encryption and Virtualization Feedly Summary: Malware authors use AES encryption and code virtualization to evade sandbox static analysis. We explore how this facilitates spread of Agent Tesla, XWorm and more. The post Uncovering .NET Malware Obfuscated by Encryption and Virtualization appeared first on…

Unit 42: JavaGhost’s Persistent Phishing Attacks From the Cloud

Feb 28, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://unit42.paloaltonetworks.com/javaghost-cloud-phishing/ Source: Unit 42 Title: JavaGhost’s Persistent Phishing Attacks From the Cloud Feedly Summary: Unit 42 reports on phishing activity linked to the threat group JavaGhost. These attacks target organizations’ AWS environments. The post JavaGhost’s Persistent Phishing Attacks From the Cloud appeared first on Unit 42. AI Summary and Description: Yes Summary: The…

Unit 42: Squidoor: Suspected Chinese Threat Actor’s Backdoor Targets Global Organizations

Feb 27, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://unit42.paloaltonetworks.com/?p=138415 Source: Unit 42 Title: Squidoor: Suspected Chinese Threat Actor’s Backdoor Targets Global Organizations Feedly Summary: We analyze the backdoor Squidoor, used by a suspected Chinese threat actor to steal sensitive information. This multi-platform backdoor is built for stealth. The post Squidoor: Suspected Chinese Threat Actor’s Backdoor Targets Global Organizations appeared first on…

Unit 42: RustDoor and Koi Stealer for macOS Used by North Korea-Linked Threat Actor to Target the Cryptocurrency Sector

Feb 26, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://unit42.paloaltonetworks.com/?p=138378 Source: Unit 42 Title: RustDoor and Koi Stealer for macOS Used by North Korea-Linked Threat Actor to Target the Cryptocurrency Sector Feedly Summary: Koi Stealer and RustDoor malware were used in a campaign linked to North Korea. This activity targeted crypto wallet owners. The post RustDoor and Koi Stealer for macOS Used…

Unit 42: Auto-Color: An Emerging and Evasive Linux Backdoor

Feb 24, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://unit42.paloaltonetworks.com/?p=138356 Source: Unit 42 Title: Auto-Color: An Emerging and Evasive Linux Backdoor Feedly Summary: The new Linux malware named Auto-color uses advanced evasion tactics. Discovered by Unit 42, this article cover its installation, evasion features and more. The post Auto-Color: An Emerging and Evasive Linux Backdoor appeared first on Unit 42. AI Summary…

Unit 42: Investigating LLM Jailbreaking of Popular Generative AI Web Products

Feb 21, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://unit42.paloaltonetworks.com/jailbreaking-generative-ai-web-products/ Source: Unit 42 Title: Investigating LLM Jailbreaking of Popular Generative AI Web Products Feedly Summary: We discuss vulnerabilities in popular GenAI web products to LLM jailbreaks. Single-turn strategies remain effective, but multi-turn approaches show greater success. The post Investigating LLM Jailbreaking of Popular Generative AI Web Products appeared first on Unit 42.…

Tag: Unit 42