Unit 42 (@Unit42_Intel) on X
The latest research and news from Unit 42, the Palo Alto Networks Threat Intelligence and Security Consulting Team covering incident response.


We have tested CVE-2025-24813. Under specific circumstances, an exploit sent to a vulnerable Apache web server running outdated Tomcat software could lead to remote code execution. We used a 2-step method that resulted in a successful attempt. Details at bit.ly/426Njtp

We are observing active global exploitation of critical Microsoft SharePoint vulns CVE-2025-49704 and CVE-2025-49706. Orgs worldwide are being targeted. Patch immediately. The exploits are real, in-the-wild and pose a serious threat. IoCs we've seen: bit.ly/4kQZS2e

Today, we exposed "BendyBear," one of the most sophisticated, well-engineered and difficult-to-detect samples of shellcode employed by an APT, says the Unit 42 researcher who analyzed it. bit.ly/3aH1ABi

🦈 Good news everyone! 🦈 @malware_traffic is back with another great #Wireshark tutorial - this one covers a recent infection with the information stealer Qakbot (aka Qbot).

Acting as digital detectives, we uncovered the sale of a bypass tool on underground forums. This investigation began when a bad actor tried to test an EDR bypass tool. Read what we learned from there: bit.ly/4eb8nlh

2023-12-07 (Thursday) - PDF file found on VirusTotal led to #DarkGate infection - Windows shortcut retrieved DarkGate install script from DNS TXT record - activity may have started as early as 2023-11-27 - IOCs available at bit.ly/47DoyFH #TimelyThreatIntel #Wireshark


In our latest Wireshark tutorial, we demonstrate how to prepare the environment, obtain a decryption key and use it to decrypt RDP traffic. bit.ly/3rCESAz

2023-10-12 (Thursday): The latest example of #DarkGate malware distributed through Microsoft Teams. Attacker poses as target organization's CEO and sends victim a Teams invite. Message contains password-protected zip archive. IOCs available at bit.ly/3rY1hi1
