We discuss a new campaign from the cybercrime group behind Silent Skimmer, showcasing the exploitation of Telerik UI vulnerabilities and malware like RingQ loader. The post Silent Skimmer Gets Loud (Again) appeared first on Unit 42. This article has been…
Category: Unit 42
Automatically Detecting DNS Hijacking in Passive DNS
Explore how we detect DNS hijacking by analyzing millions of DNS records daily, using machine learning to identify redirect attempts to malicious servers.
TA Phone Home: EDR Evasion Testing Reveals Extortion Actor’s Toolkit
A threat actor attempted to use an AV/EDR bypass tool in an extortion attempt. Instead, the tool provided Unit 42 insight into the threat actor.
Jumpy Pisces Engages in Play Ransomware
A first-ever collaboration between DPRK-based Jumpy Pisces and Play ransomware signals a possible shift in tactics.
Deceptive Delight: Jailbreak LLMs Through Camouflage and Distraction
We examine an LLM jailbreaking technique called “Deceptive Delight,” which mixes harmful topics with benign ones to trick AIs, with a high success rate.
Gatekeeper Bypass: Uncovering Weaknesses in a macOS Security Mechanism
Explore how macOS Gatekeeper’s security could be compromised by third-party apps not enforcing quarantine attributes effectively.
Unit 42 Looks Toward the Threat Frontier: Preparing for Emerging AI Risks
The Unit 42 Threat Frontier report discusses GenAI’s impact on cybersecurity, emphasizing the need for AI-specific defenses and proactive security.
Lynx Ransomware: A Rebranding of INC Ransomware
Discover recent attacks using Lynx ransomware, a rebrand of INC, targeting multiple crucial sectors in the U.S. and UK with prevalent double-extortion tactics.
Contagious Interview: DPRK Threat Actors Lure Tech Industry Job Seekers to Install New Variants of BeaverTail and InvisibleFerret Malware
Discover how North Korean attackers, posing as recruiters, used an updated downloader and backdoor in a campaign targeting tech job seekers.
No Way to Hide: Uncovering New Campaigns from Daily Tunneling Detection
Four DNS tunneling campaigns identified through a new machine learning tool expose intricate tactics when targeting vital sectors like finance, healthcare and more.