OpenSSH is a connectivity tool with a suite of services. CVE-2024-6387 (aka RegreSSHion), a critical signal handler race condition vulnerability, exploits OpenSSH servers to allow attackers root privileges on exploitation. Our threat brief on this vulnerability includes:
1️⃣ Details of the vulnerability
2️⃣ Current scope of the attack, including seen exposed instances
3️⃣ Unit 42 MTH queries
4️⃣ Mitigation guidance
We’ll continue to update as more information comes to light. Read the brief now: https://bit.ly/3xK4xk1
Palo Alto Networks Unit 42
Computer and Network Security
SANTA CLARA, CA 69,257 followers
Unit 42 Threat Intelligence & Incident Response. Intelligence Driven. Response Ready.
About us
Palo Alto Networks Unit 42 brings together world-renowned threat researchers with an elite team of incident responders and security consultants to create an intelligence-driven, response-ready organization passionate about helping customers more proactively manage cyber risk. With a deeply rooted reputation for delivering world-class threat intelligence, Unit 42 provides industry-leading incident response and cyber risk management services to security leaders around the globe.
- Website
- http://paloaltonetworks.com/unit42
- Industry
- Computer and Network Security
- Company size
- 5,001-10,000 employees
- Headquarters
- SANTA CLARA, CA
- Type
- Public Company
- Founded
- 2005
- Specialties
- Incident Response, Risk Management, Operational Threat Intelligence, and Network Security
Locations
- Primary: 3000 Tannery Way, SANTA CLARA, CA 95054, US
Updates
-
Palo Alto Networks Unit 42 reposted this
As the world’s best athletes prepare for #Paris2024, CISOs and their teams are training hard too. Their coach of choice? Palo Alto Networks Unit 42. 🏅 From threat intelligence reports to crisis simulations and continuous monitoring, Unit 42's Cyber Vigilance Program ensures organizations are ready to face emerging cyberthreats. Get a behind-the-scenes look at this year’s experience. https://bit.ly/3Wq5Uhp
-
This article provides a wealth of information to those interested in learning more about the types of malware used by banking Trojans such as #BianLian and #Cerberus. We begin by explaining the Android Manifest and dissecting the ZIP file structure. Through multiple examples, we analyze the #BadPack technique and explore its use of anti-analysis measures across various Android malware analysis tools. https://bit.ly/3W5h4H5
-
Large-scale #phishing campaigns use HTTP refresh headers in web traffic that leads to fake login pages. Our telemetry reveals constantly morphing chains of events for potentially successful phishes. Indicators from some recent examples are available at https://bit.ly/3xX7kXc #TimelyThreatIntel #Unit42ThreatIntel #IndicatorsOfCompromise
-
Our #DNSHijacking detection system recently observed #GARUDA hackers compromise and deface sites of large orgs, including an ISP and a utility management company via #DNSattacks. We regularly publish on identifying and protecting against DNS threats here: https://bit.ly/4cCUiNB #TimelyThreatIntel #Unit42ThreatIntel
-
Say goodbye to email alert fatigue. Unit 42 MDR sent just 37 email alerts during the MITRE Engenuity ATT&CK Evaluation: Managed Services, while other vendors sent hundreds. With Unit 42 MDR, built on Cortex by Palo Alto Networks, we deliver only the most actionable information right when you need it. Stay secure without the noise. https://bit.ly/46iAzRf
-
Malware #DarkGate has been distributed in numerous creative ways: via DLL side-loading, tricking users into copying and pasting malicious scripts, by email attachments that run content from a .cab archive, or even via an installer link sent over Teams. Our researchers dissect a campaign from early 2024, where Microsoft Excel files led to malicious software downloads. Decrypting the configuring data and detailing the anti-analysis techniques, this article looks at how this adaptive malware persists in the threat landscape and what can be learned from how it has evolved. Dive into the research now: https://bit.ly/3S1gQj4
-
By sandboxing a sample of the malicious backdoor malware #GootLoader, Unit 42 researchers analyzed and then bypassed its anti-analysis techniques. They've broken these steps down in this article. Security researchers will learn how Visual Code Studio and Node.js debugging played a hand in the process. https://bit.ly/4cMLXGG
-
Palo Alto Networks Unit 42 reposted this
🙋‍♀️ Raise your hand if you're ready to fight AI with AI. 🤖 #BHUSA
🗓️ August 7-8
📍Booth #1632 at Mandalay Bay
The future is cybersecurity powered by Precision AI™. We'll see you in August and show you how. https://bit.ly/4cMIsAd
-
Palo Alto Networks Unit 42 reposted this
🎯 Actionable insights without the noise. Palo Alto Networks Unit 42 MDR, backed by Cortex by Palo Alto Networks XDR, outpaces the competition, delivering MTTD almost twice the speed of the average participant in the MITRE Engenuity ATT&CK Evaluation: Managed Services. With just 37 targeted email alerts, not hundreds. 👀 Learn more about our results. https://bit.ly/3RTCF3J