CVE-2021-28372, a vulnerability in third-party software commonly built into many IP cameras, highlights issues in IoT supply chain security.
The Malleable C2 profile helps make Cobalt Strike an effective emulator for which it is difficult to design traditional firewall defenses.
The post Cobalt Strike Analysis and Tutorial: How Malleable C2 Profiles Make Cobalt Strike Difficult to Detect appeared first on Unit42.
We disclosed several GKE Autopilot vulnerabilities and attack techniques to Google. The issues are now fixed – we provide a technical analysis.
The post Container Escape to Shadow Admin: GKE Autopilot Vulnerabilities appeared first on Unit42.
2022 Unit 42 Ransomware Threat Report highlights include average ransom demands and payments and new developments in double extortion and RaaS.
The post 2022 Unit 42 Ransomware Threat Report Highlights: Ransomware Remains a Headliner appeared first on Unit42.
Security researchers are warning that LinkedIn has become the most spoofed brand in phishing attacks, accounting for 52% of all such incidents at a global level. […]
CISA, the FBI, and the US Treasury Department warned today that the North Korean Lazarus hacking group is targeting organizations in the cryptocurrency and blockchain industries with trojanized cryptocurrency applications. […]
Kaspersky today revealed it found a vulnerability in Yanluowang ransomware’s encryption algorithm, which makes it possible to recover files it encrypts. […]
Digital threat researchers at Citizen Lab have discovered a new zero-click iMessage exploit used to install NSO Group spyware on devices belonging to Catalan politicians, journalists, and activists. […]
MetaMask has published a warning for their iOS users about the seeds of cryptocurrency wallets being stored in Apple’s iCloud if app data backup is active. […]