Found 28 bookmarks
Custom sorting
Muddled Libra’s Evolution to the Cloud
Muddled Libra’s Evolution to the Cloud
Unit 42 researchers have discovered that the Muddled Libra group now actively targets software-as-a-service (SaaS) applications and cloud service provider (CSP) environments. Organizations often store a variety of data in SaaS applications and use services from CSPs. The threat actors have begun attempting to leverage some of this data to assist with their attack progression, and to use for extortion when trying to monetize their work.
#unit42#EN#2024#paloaltonetworks#MuddledLibra#research#CSP#software-as-a-service
·unit42.paloaltonetworks.com·
Muddled Libra’s Evolution to the Cloud
CVE-2023-34362: MOVEit Transfer SQL Injection Vulnerability Threat Brief
CVE-2023-34362: MOVEit Transfer SQL Injection Vulnerability Threat Brief
On May 31, Progress Software posted a notification alerting customers of a critical Structured Query Language injection (SQLi) vulnerability (CVE-2023-34362) in their MOVEit Transfer product. MOVEit Transfer is a managed file transfer (MFT) application intended to provide secure collaboration and automated file transfers of sensitive data.
#paloaltonetworks#EN#2023#MOVEit#SQL#Injection#Vulnerability#CVE-2023-34362
·unit42.paloaltonetworks.com·
CVE-2023-34362: MOVEit Transfer SQL Injection Vulnerability Threat Brief
Blowing Cobalt Strike Out of the Water With Memory Analysis
Blowing Cobalt Strike Out of the Water With Memory Analysis
Unit 42 researchers examine several malware samples that incorporate Cobalt Strike components, and discuss some of the ways that we catch these samples by analyzing artifacts from the deltas in process memory at key points of execution. We will also discuss the evasion tactics used by these threats, and other issues that make their analysis problematic.
#unit42#EN#2022#CobaltStrike#analysis#paloaltonetworks
·unit42.paloaltonetworks.com·
Blowing Cobalt Strike Out of the Water With Memory Analysis
New Emotet Infection Method
New Emotet Infection Method
As early as Dec. 21, 2021, Unit 42 observed a new infection method for the highly prevalent malware family Emotet. Emotet is high-volume malware that often changes and modifies its attack patterns. This latest modification of the Emotet attack follows suit.
#paloaltonetworks#emotet#2022#EN#IoC#malware
·unit42.paloaltonetworks.com·
New Emotet Infection Method
Blowing Cobalt Strike Out of the Water With Memory Analysis
Blowing Cobalt Strike Out of the Water With Memory Analysis
Unit 42 researchers examine several malware samples that incorporate Cobalt Strike components, and discuss some of the ways that we catch these samples by analyzing artifacts from the deltas in process memory at key points of execution. We will also discuss the evasion tactics used by these threats, and other issues that make their analysis problematic.
#unit42#EN#2022#CobaltStrike#analysis#paloaltonetworks
·unit42.paloaltonetworks.com·
Blowing Cobalt Strike Out of the Water With Memory Analysis
New Emotet Infection Method
New Emotet Infection Method
As early as Dec. 21, 2021, Unit 42 observed a new infection method for the highly prevalent malware family Emotet. Emotet is high-volume malware that often changes and modifies its attack patterns. This latest modification of the Emotet attack follows suit.
#paloaltonetworks#emotet#2022#EN#IoC#malware
·unit42.paloaltonetworks.com·
New Emotet Infection Method
New Emotet Infection Method
New Emotet Infection Method
As early as Dec. 21, 2021, Unit 42 observed a new infection method for the highly prevalent malware family Emotet. Emotet is high-volume malware that often changes and modifies its attack patterns. This latest modification of the Emotet attack follows suit.
#paloaltonetworks#emotet#2022#EN#IoC#malware
·unit42.paloaltonetworks.com·
New Emotet Infection Method