Search cyberveille.decio.ch

Found 16 bookmarks

Custom sorting

Muddled Libra’s Evolution to the Cloud

Unit 42 researchers have discovered that the Muddled Libra group now actively targets software-as-a-service (SaaS) applications and cloud service provider (CSP) environments. Organizations often store a variety of data in SaaS applications and use services from CSPs. The threat actors have begun attempting to leverage some of this data to assist with their attack progression, and to use for extortion when trying to monetize their work.

#unit42 #EN #2024 #paloaltonetworks #MuddledLibra #research #CSP #software-as-a-service

·unit42.paloaltonetworks.com·Apr 9, 2024

Muddled Libra’s Evolution to the Cloud

GoBruteforcer: Golang-Based Botnet Actively Harvests Web Servers

New Golang-based malware we have dubbed GoBruteforcer targets web servers. Golang is becoming popular with malware programmers due to its versatility.

#unit42 #EN #2023 #Golang #paloaltonetworks #Botnet #GoBruteforcer #web #servers

·unit42.paloaltonetworks.com·Mar 13, 2023

GoBruteforcer: Golang-Based Botnet Actively Harvests Web Servers

Vice Society: Profiling a Persistent Threat to the Education Sector

Vice Society, a ransomware gang, has been involved in high-profile activity against schools this year.

#unit42 #EN #2022 #paloaltonetworks #vice-society #education #ransomware #schools

·unit42.paloaltonetworks.com·Dec 6, 2022

Vice Society: Profiling a Persistent Threat to the Education Sector

Blowing Cobalt Strike Out of the Water With Memory Analysis

Unit 42 researchers examine several malware samples that incorporate Cobalt Strike components, and discuss some of the ways that we catch these samples by analyzing artifacts from the deltas in process memory at key points of execution. We will also discuss the evasion tactics used by these threats, and other issues that make their analysis problematic.

#unit42 #EN #2022 #CobaltStrike #analysis #paloaltonetworks

·unit42.paloaltonetworks.com·Dec 6, 2022

Blowing Cobalt Strike Out of the Water With Memory Analysis

Banking Trojan Techniques: Financially Motivated Malware

Understanding banking Trojan techniques can help detect other activities of financially motivated threat groups.

#unit42 #EN #2022 #paloaltonetworks #research #Banking #Trojan #Techniques

·unit42.paloaltonetworks.com·Nov 1, 2022

Banking Trojan Techniques: Financially Motivated Malware

Ransom Cartel Ransomware: A Possible Connection With REvil

Ransom Cartel is ransomware as a service (RaaS) that exhibits several similarities to and technical overlaps with REvil ransomware. Read our overview.

#unit42 #paloaltonetworks #EN #2022 #Ransom-Cartel #REvil #RaaS

·unit42.paloaltonetworks.com·Oct 18, 2022

Ransom Cartel Ransomware: A Possible Connection With REvil

Mirai Variant MooBot Targeting D-Link Devices

Attackers are leveraging known vulnerabilities in D-Link devices to deliver MooBot, a Mirai variant, potentially leading to further DDoS attacks.

#unit42 #paloaltonetworks #EN #2022 #Mirai #Variant #MooBot #Targeting #D-Link #CVE-2015-2051 #CVE-2018-6530 #CVE-2022-26258 #CVE-2022-28958 #analysis

·unit42.paloaltonetworks.com·Sep 7, 2022

Mirai Variant MooBot Targeting D-Link Devices

Legitimate SaaS Platforms Being Used to Host Phishing Attacks

Platform-abuse phishing is on the rise. We analyze how attackers use services such as website builders to host phishing pages.

#unit42 #paloaltonetworks #EN #2022 #phishing #attack #SaaS #abuse #website-builders

·unit42.paloaltonetworks.com·Aug 24, 2022

Legitimate SaaS Platforms Being Used to Host Phishing Attacks

GoBruteforcer: Golang-Based Botnet Actively Harvests Web Servers

New Golang-based malware we have dubbed GoBruteforcer targets web servers. Golang is becoming popular with malware programmers due to its versatility.

#unit42 #EN #2023 #Golang #paloaltonetworks #Botnet #GoBruteforcer #web #servers

·unit42.paloaltonetworks.com·Mar 13, 2023

GoBruteforcer: Golang-Based Botnet Actively Harvests Web Servers

Vice Society: Profiling a Persistent Threat to the Education Sector

Vice Society, a ransomware gang, has been involved in high-profile activity against schools this year.

#unit42 #EN #2022 #paloaltonetworks #vice-society #education #ransomware #schools

·unit42.paloaltonetworks.com·Dec 6, 2022

Vice Society: Profiling a Persistent Threat to the Education Sector

Blowing Cobalt Strike Out of the Water With Memory Analysis

#unit42 #EN #2022 #CobaltStrike #analysis #paloaltonetworks

·unit42.paloaltonetworks.com·Dec 6, 2022

Blowing Cobalt Strike Out of the Water With Memory Analysis

Banking Trojan Techniques: Financially Motivated Malware

Understanding banking Trojan techniques can help detect other activities of financially motivated threat groups.

#unit42 #EN #2022 #paloaltonetworks #research #Banking #Trojan #Techniques

·unit42.paloaltonetworks.com·Nov 1, 2022

Banking Trojan Techniques: Financially Motivated Malware

Ransom Cartel Ransomware: A Possible Connection With REvil

Ransom Cartel is ransomware as a service (RaaS) that exhibits several similarities to and technical overlaps with REvil ransomware. Read our overview.

#unit42 #paloaltonetworks #EN #2022 #Ransom-Cartel #REvil #RaaS

·unit42.paloaltonetworks.com·Oct 18, 2022

Ransom Cartel Ransomware: A Possible Connection With REvil

Mirai Variant MooBot Targeting D-Link Devices

Attackers are leveraging known vulnerabilities in D-Link devices to deliver MooBot, a Mirai variant, potentially leading to further DDoS attacks.