A phishing campaign targeting European companies used fake forms made with HubSpot’s Free Form Builder, leading to credential harvesting and Azure account takeover. The post Effective Phishing Campaign Targeting European Companies and Organizations appeared first on Unit 42. This article…
Tag: Unit 42
Effective Phishing Campaign Targeting European Companies and Institutions
A phishing campaign targeting European companies used fake forms made with HubSpot’s Free Form Builder, leading to credential harvesting and Azure account takeover. The post Effective Phishing Campaign Targeting European Companies and Institutions appeared first on Unit 42. This article…
LDAP Enumeration: Unveiling the Double-Edged Sword of Active Directory
Using real-world examples and offering plenty of pragmatic tips, learn how to protect your directory services from LDAP-based attacks. The post LDAP Enumeration: Unveiling the Double-Edged Sword of Active Directory appeared first on Unit 42. This article has been indexed…
Dirty DAG: New Vulnerabilities in Azure Data Factory’s Apache Airflow Integration
Vulnerabilities in Microsoft Azure Data Factory’s integration with Apache Airflow can lead to unauthorized access and control over cloud resources. The post Dirty DAG: New Vulnerabilities in Azure Data Factory’s Apache Airflow Integration appeared first on Unit 42. This article…
Crypted Hearts: Exposing the HeartCrypt Packer-as-a-Service Operation
Analysis of packer-as-a-service (PaaS) HeartCrypt reveals its use in over 2k malicious payloads across 45 malware families since its early 2024 appearance. The post Crypted Hearts: Exposing the HeartCrypt Packer-as-a-Service Operation appeared first on Unit 42. This article has been…
Network Abuses Leveraging High-Profile Events: Suspicious Domain Registrations and Other Scams
Unit 42 probes network abuses around events like the Olympics, featuring case studies of scams and phishing through domain registrations and more. The post Network Abuses Leveraging High-Profile Events: Suspicious Domain Registrations and Other Scams appeared first on Unit 42.…
Threat Assessment: Howling Scorpius (Akira Ransomware)
Howling Scorpius, active since 2023, uses Akira ransomware to target businesses globally, employing a double-extortion strategy and upgrading tools regularly. The post Threat Assessment: Howling Scorpius (Akira Ransomware) appeared first on Unit 42. This article has been indexed from Unit…
Fake North Korean IT Worker Linked to BeaverTail Video Conference App Phishing Attack
North Korean IT worker cluster CL-STA-0237 instigated phishing attacks via video apps in Laos, exploiting U.S. IT firms and major tech identities. The post Fake North Korean IT Worker Linked to BeaverTail Video Conference App Phishing Attack appeared first on…
Global Companies Are Unknowingly Paying North Koreans: Here’s How to Catch Them
We discuss North Korea’s use of IT workers to infiltrate companies, detailing detection strategies like IT asset management and IP analysis to counter this. The post Global Companies Are Unknowingly Paying North Koreans: Here’s How to Catch Them appeared first…
ModeLeak: Privilege Escalation to LLM Model Exfiltration in Vertex AI
New research reveals two vulnerabilities in Google’s Vertex AI that may lead to privilege escalation or data theft through custom jobs or malicious models. The post ModeLeak: Privilege Escalation to LLM Model Exfiltration in Vertex AI appeared first on Unit…