unit42.paloaltonetworks.com
Open in
urlscan Pro
23.56.206.30
Public Scan
Submitted URL: https://unit42.paloaltonetworks.com/atoms/brute-ratel/'
Effective URL: https://unit42.paloaltonetworks.com/
Submission: On April 03 via api from BG — Scanned from DE
Effective URL: https://unit42.paloaltonetworks.com/
Submission: On April 03 via api from BG — Scanned from DE
Form analysis 2 forms found in the DOM
Name: Unit42_Subscribe — POST https://www.paloaltonetworks.com/apps/pan/public/formsubmithandler.submitform.json
<form action="https://www.paloaltonetworks.com/apps/pan/public/formsubmithandler.submitform.json" method="post" novalidate="" class="subscribe-form" name="Unit42_Subscribe">
<input type="hidden" name="emailFormMask" value="">
<input type="hidden" value="1086" name="formid">
<!-- <input type="hidden" value="531-OCS-018" name="munchkinId"> -->
<input type="hidden" value="531-OCS-018" name="munchkinId">
<input type="hidden" value="2141" name="lpId">
<input type="hidden" value="1203" name="programId">
<input type="hidden" value="1086" name="formVid">
<input type="hidden" name="mkto_optinunit42" value="true">
<input type="hidden" name="mkto_opt-in" value="true">
<input type="email" name="Email" placeholder="Email address" class="mb-15 subscribe-field d-block w-100 px-15" aria-label="Email">
<p class="error-mail d-none mb-15 text-danger" style="color: #dc3545">Please enter your email address!</p>
<span><img class="d-none sub-ajax-loader" src="\wp-content\themes\unit42-v5\dist\images\icons\loader.gif" style="width:20px;padding: 10px 0px;" alt="loader"></span>
<input type="submit" value="Subscribe" class="btn btn--white btn--sm mb-15" disabled="disabled">
<p>By submitting this form, you agree to our <a href="https://www.paloaltonetworks.com/legal-notices/terms-of-use">Terms of Use</a> and acknowledge our <a href="https://www.paloaltonetworks.com/legal-notices/privacy">Privacy Statement</a>.</p>
<div class="google-recapth mt-15">
<div class="g-recaptcha" data-expired-callback="captchaExpires" data-callback="captchaComplete" data-sitekey="6Lc5EhgTAAAAAJa-DzE7EeWABasWg4LKv-R3ao6o">
<div style="width: 304px; height: 78px;">
<div><iframe title="reCAPTCHA" width="304" height="78" role="presentation" name="a-t1h9rsgb49xn" frameborder="0" scrolling="no"
sandbox="allow-forms allow-popups allow-same-origin allow-scripts allow-top-navigation allow-modals allow-popups-to-escape-sandbox allow-storage-access-by-user-activation"
src="https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5EhgTAAAAAJa-DzE7EeWABasWg4LKv-R3ao6o&co=aHR0cHM6Ly91bml0NDIucGFsb2FsdG9uZXR3b3Jrcy5jb206NDQz&hl=de&v=moV1mTgQ6S91nuTnmll4Y9yf&size=normal&cb=i6rv68dt4tzm"></iframe>
</div><textarea id="g-recaptcha-response" name="g-recaptcha-response" class="g-recaptcha-response" style="width: 250px; height: 40px; border: 1px solid rgb(193, 193, 193); margin: 10px 25px; padding: 0px; resize: none; display: none;"
aria-label="recaptcha"></textarea>
</div><iframe style="display: none;"></iframe>
</div>
</div>
<p class="error-recaptcha d-none mt-15 text-danger" style="color: #dc3545">Please mark, I'm not a robot!</p>
</form>POST
<form method="post">
<input type="hidden" id="_wpnonce" name="_wpnonce" value="9394d119ae"><input type="hidden" name="_wp_http_referer" value="/">
</form>Text Content
Menu
* Tools
* ATOMs
* Security Consulting
* About Us
* Under Attack?
*
* About Unit 42
* Services
Services
Assess and Test Your Security Controls
* Attack Surface Assessment
* Breach Readiness Review
* BEC Readiness Assessment
* Compromise Assessment
* Cyber Risk Assessment
* M&A Cyber Due Diligence
* Penetration Testing
* Purple Team Exercises
* Ransomware Readiness Assessment
* SOC Assessment
* Supply Chain Risk Assessment
* Tabletop Exercises
* Unit 42 Retainer
Transform Your Security Strategy
* IR Plan Development and Review
* Security Program Design
* Virtual CISO
Respond in Record Time
* Cloud Incident Response
* Digital Forensics
* Incident Response
* Managed Detection and Response
* Managed Threat Hunting
* Unit 42 Retainer
UNIT 42 RETAINER
Custom-built to fit your organization's needs, you can choose to allocate
your retainer hours to any of our offerings, including proactive cyber risk
management services. Learn how you can put the world-class Unit 42 Incident
Response team on speed dial.
Learn more
* Unit 42 Threat Research
Unit 42 Threat Research
Unit 42 Threat Research
* Threat Briefs and Assessments
Details on the latest cyber threats
* Tools
Lists of public tools released by our team
* Threat Reports
Downloadable, in-depth research reports
THREAT REPORT
2024 Unit 42 Incident Response Report
Read now
THREAT BRIEF
Russia-Ukraine Cyberattacks: How to Protect Against Related Cyberthreats
Including DDoS, HermeticWiper, Gamaredon, Website Defacement
Learn more
THREAT REPORT
Highlights from the Unit 42 Cloud Threat Report, Volume 6
Learn more
* Partners
Partners
Partners
* Threat Intelligence Sharing
* Law Firms and Insurance Providers
* Threat Intel Bulletin
THREAT REPORT
2022 Unit 42 Ransomware Threat Report: Understand trends and tactics to
bolster defenses
Learn more
THREAT BRIEF
Russia-Ukraine Cyberattacks: How to Protect Against Related Cyberthreats
Including DDoS, HermeticWiper, Gamaredon, Website Defacement
Learn more
THREAT BRIEF
Operation Falcon II: Unit 42 Helps Interpol Identify Nigerian Business Email
Compromise Ring Members
Learn more
* Resources
Resources
Resources
* Research Reports
* Webinars
* Customer Stories
* Datasheets
* Videos
* Infographics
* Whitepapers
* In the News
* Cyberpedia
Industries
* Financial Services
* Healthcare
* Manufacturing
THREAT REPORT
2023 Unit 42 Ransomware and Extortion Report: Get the latest multi-extortion
trends and insights to keep your organization protected.
Learn more
RESEARCH REPORT
Gartner Market Guide for Digital Forensics and Incident Response Services
Learn more
*
* Under Attack?
Search
All
* Tech Docs
Close search modal
30,411
people reacted
THREAT BRIEF: VULNERABILITY IN XZ UTILS DATA COMPRESSION LIBRARY IMPACTING
MULTIPLE LINUX DISTRIBUTIONS (CVE-2024-3094)
An overview of CVE-2024-3094, a vulnerability in XZ Utils, and information about
how to mitigate.
Overview of CVE-2024-3094 and Mitigations
27
5 min. read
CLOUD THREATS: ORIGINAL RESEARCH AND IN-DEPTH ANALYSIS
Learn more
THREAT VECTOR: THE UNIT 42 PODCAST
Follow
GET UPDATES FROM UNIT 42
Please enter your email address!
By submitting this form, you agree to our Terms of Use and acknowledge our
Privacy Statement.
Please mark, I'm not a robot!
* All
* Threat Briefs
* Threat Assessments
* Reports
* All
* Threat Briefs
* Threat Assessments
* Reports
Exposing a New BOLA Vulnerability in Grafana
2,230
people reacted
EXPOSING A NEW BOLA VULNERABILITY IN GRAFANA
* By Ravid Mazon and Jay Chen
* March 27, 2024 at 7:00 AM
15
8 min. read
ASEAN Entities in the Spotlight: Chinese APT Group Targeting
5,425
people reacted
ASEAN ENTITIES IN THE SPOTLIGHT: CHINESE APT GROUP TARGETING
* By Unit 42
* March 26, 2024 at 1:00 PM
14
5 min. read
TRENDING
* Threat Brief: Vulnerability in XZ Utils Data Compression Library Impacting
Multiple Linux Distributions (CVE-2024-3094) by Unit 42
* Threat Group Assessment: Muddled Libra (Updated) by Unit 42
* ASEAN Entities in the Spotlight: Chinese APT Group Targeting by Unit 42
* Exposing a New BOLA Vulnerability in Grafana by Jay Chen
* Curious Serpens’ FalseFont Backdoor: Technical Analysis, Detection and
Prevention by Samantha Stallings
Large-Scale StrelaStealer Campaign in Early 2024
7,473
people reacted
LARGE-SCALE STRELASTEALER CAMPAIGN IN EARLY 2024
* By Benjamin Chang, Goutam Tripathy, Pranay Kumar Chhaparwal, Anmol Maurya and
Vishwa Thothathri
* March 22, 2024 at 3:00 AM
29
8 min. read
Curious Serpens’ FalseFont Backdoor: Technical Analysis, Detection and
Prevention
3,932
people reacted
CURIOUS SERPENS’ FALSEFONT BACKDOOR: TECHNICAL ANALYSIS, DETECTION AND
PREVENTION
* By Tom Fakterman, Daniel Frank and Jerome Tujague
* March 21, 2024 at 3:00 AM
8
12 min. read
Unit 42 Collaborative Research With Ukraine’s Cyber Agency To Uncover the Smoke
Loader Backdoor
3,436
people reacted
UNIT 42 COLLABORATIVE RESEARCH WITH UKRAINE’S CYBER AGENCY TO UNCOVER THE SMOKE
LOADER BACKDOOR
* By Unit 42
* March 19, 2024 at 3:00 AM
18
4 min. read
Inside the Rabbit Hole: BunnyLoader 3.0 Unveiled
6,079
people reacted
INSIDE THE RABBIT HOLE: BUNNYLOADER 3.0 UNVEILED
* By Amanda Tanner, Anthony Galiette and Jerome Tujague
* March 15, 2024 at 3:00 AM
13
16 min. read
Threat Group Assessment: Muddled Libra (Updated)
35,578
people reacted
THREAT GROUP ASSESSMENT: MUDDLED LIBRA (UPDATED)
* By Kristopher Russo, Austin Dever and Amer Elsad
* March 8, 2024 at 2:58 PM
40
13 min. read
Wireshark Tutorial: Exporting Objects From a Pcap
220,283
people reacted
WIRESHARK TUTORIAL: EXPORTING OBJECTS FROM A PCAP
* By Brad Duncan
* March 1, 2024 at 6:00 AM
132
12 min. read
The Art of Domain Deception: Bifrost's New Tactic to Deceive Users
6,490
people reacted
THE ART OF DOMAIN DECEPTION: BIFROST'S NEW TACTIC TO DECEIVE USERS
* By Anmol Maurya and Siddharth Sharma
* February 29, 2024 at 3:00 AM
114
6 min. read
Navigating the Cloud: Exploring Lateral Movement Techniques
7,072
people reacted
NAVIGATING THE CLOUD: EXPLORING LATERAL MOVEMENT TECHNIQUES
* By Eden Elazar
* February 28, 2024 at 3:00 AM
24
12 min. read
Data From Chinese Security Services Company i-Soon Linked to Previous Chinese
APT Campaigns
7,992
people reacted
DATA FROM CHINESE SECURITY SERVICES COMPANY I-SOON LINKED TO PREVIOUS CHINESE
APT CAMPAIGNS
* By Unit 42
* February 23, 2024 at 5:00 PM
24
7 min. read
Intruders in the Library: Exploring DLL Hijacking
4,093
people reacted
INTRUDERS IN THE LIBRARY: EXPLORING DLL HIJACKING
* By Tom Fakterman, Chen Erlich and Assaf Dahan
* February 22, 2024 at 4:00 PM
11
14 min. read
Threat Brief: ConnectWise ScreenConnect Vulnerabilities (CVE-2024-1708 and
CVE-2024-1709)
6,440
people reacted
THREAT BRIEF: CONNECTWISE SCREENCONNECT VULNERABILITIES (CVE-2024-1708 AND
CVE-2024-1709)
* By Unit 42
* February 21, 2024 at 5:00 PM
6
5 min. read
2024 Unit 42 Incident Response Report: Navigating the Shift in Cybersecurity
Threat Tactics
5,537
people reacted
2024 UNIT 42 INCIDENT RESPONSE REPORT: NAVIGATING THE SHIFT IN CYBERSECURITY
THREAT TACTICS
* By Unit 42
* February 20, 2024 at 6:12 AM
16
5 min. read
Threat Brief: Attacks on Critical Infrastructure Attributed to Insidious Taurus
(Volt Typhoon)
57,299
people reacted
THREAT BRIEF: ATTACKS ON CRITICAL INFRASTRUCTURE ATTRIBUTED TO INSIDIOUS TAURUS
(VOLT TYPHOON)
* By Unit 42
* February 14, 2024 at 2:30 PM
28
9 min. read
Sorry, no results were found.
See more
Sorry, no results were found.
See more
Clear
POPULAR RESOURCES
* Resource Center
* Blog
* Communities
* Tech Docs
* Unit 42
* Sitemap
LEGAL NOTICES
* Privacy
* Terms of Use
* Documents
ACCOUNT
* Manage Subscriptions
*
* Report a Vulnerability
© 2024 Palo Alto Networks, Inc. All rights reserved.
This site uses cookies essential to its operation, for analytics, and for
personalized content and ads. Please read our privacy statement for more
information.Privacy statement
Cookies Settings Reject All Accept All
Your Opt Out Preference Signal is Honored
PRIVACY PREFERENCE CENTER
When you visit any website, it may store or retrieve information on your
browser, mostly in the form of cookies. This information might be about you,
your preferences or your device and is mostly used to make the site work as you
expect it to. The information does not usually directly identify you, but it can
give you a more personalized web experience. Because we respect your right to
privacy, you can choose not to allow some types of cookies. Click on the
different category headings to find out more and change our default settings.
However, blocking some types of cookies may impact your experience of the site
and the services we are able to offer.
More information on cookie consent
Allow All
MANAGE YOUR CONSENT PREFERENCES
STRICTLY NECESSARY COOKIES
Always Active
These cookies are necessary for the website to function and cannot be switched
off in our systems. They are usually only set in response to actions made by you
which amount to a request for services, such as setting your privacy
preferences, logging in or filling in forms. You can set your browser to
block or alert you about these cookies, but some parts of the site will not then
work. These cookies do not store any personally identifiable information.
PERFORMANCE COOKIES
Performance Cookies
These cookies allow us to count visits and traffic sources so we can measure and
improve the performance of our site. They help us to know which pages are the
most and least popular and see how visitors move around the site. All
information these cookies collect is aggregated and therefore anonymous. If you
do not allow these cookies we will not know when you have visited our site, and
will not be able to monitor its performance.
FUNCTIONAL COOKIES
Functional Cookies
These cookies enable the website to provide enhanced functionality and
personalisation. They may be set by us or by third party providers whose
services we have added to our pages. If you do not allow these cookies then
some or all of these services may not function properly.
TARGETING COOKIES
Targeting Cookies
These cookies may be set through our site by our advertising partners. They may
be used by those companies to build a profile of your interests and show you
relevant adverts on other sites. They do not store directly personal
information, but are based on uniquely identifying your browser and internet
device. If you do not allow these cookies, you will experience less targeted
advertising.
Back Button
COOKIE LIST
Search Icon
Filter Icon
Clear
checkbox label label
Apply Cancel
Consent Leg.Interest
checkbox label label
checkbox label label
checkbox label label
Reject All Confirm My Choices