Palo Alto Networks Unit 42

We've found #stockpiled domains hosting fake work portals for cryptocurrency #scam, with a traffic spike since Oct 15. Starting in July, this campaign has 60 domains in 3 bulk registrations with distinct naming patterns, all leading to same IP. More info: https://bit.ly/48jduyw

From a #BYOVD attack to the profile of a threat actor — this article delves into how rogue virtual machines are being used as platforms for testing evasion techniques against security tools. Using a recent extortion incident as a case study, we peek into a rogue system. https://bit.ly/4eb8nlh

We identified a recent #crypto #scam campaign using malicious infrastructure to impersonate xAI. These scam sites offer presale of xAI tokens with a 200% bonus and a never ending countdown timer. More info at https://bit.ly/3O7uY85 #cryptoscams

⏱️ When every second counts... ...You need a trusted cybersecurity partner ready to act, fast and effectively. Palo Alto Networks Unit 42 has been recognized as a Leader in the 2024 Forrester Wave™ for Cybersecurity Incident Response (IR) Services for our innovative IR offerings. 🎉 We earned 5/5 scores across nine criteria, with the report noting that “reference customers are impressed with Unit 42’s cloud IR expertise, the efficacy of its technology, and Arcade’s ease…” Thank you to our partners and customers for trusting us to strengthen your security strategies. How can we support you? https://bit.ly/3Uvhy9f

With help from Unit 42 Managed Hunting, one SOC team cut their time to find a true positive from weeks to mere minutes ✂️ See how North Dakota Information Technology (NDIT) experts sort through the noise and proactively uncover threats. https://bit.ly/3NNFPUm

With a week before the US #elections, we've seen a surge in newly registered domains impersonating both major presidential candidates for malicious purposes, including cryptocurrency #scams, donation #phishing and fake online shopping schemes. More info at https://bit.ly/3NNfTIx

North Korean threat group Jumpy Pisces, known for cyberespionage, has now ventured into the ransomware arena through a collaboration with Play ransomware — a crucial shift in tactics. Our analysis delves into their involvement as a key part of a ransomware incident, utilizing tools such Sliver, DTrack malware and more. We unravel their tactics here: https://bit.ly/3YG0q3g

🎤 Six Unit 42 experts walk into a LinkedIn Live... Join us on demand as we explore the latest insights from the Palo Alto Networks Unit 42 Threat Frontier Report. Uncover how threat actors are using generative AI to: ✔️Automate attacks  ✔️Craft convincing malicious content  ✔️Develop new malware variants Arm yourself with actionable strategies to protect your organization from these emerging threats. https://bit.ly/3Uuf6zY

2024-10-28 #Phishing alert: We’re tracking malicious infrastructure hosting domains mimicking popular cybersecurity vendors and VPNs. Active domains now return error messages, and we continue searching for new domains from this campaign. More info at https://bit.ly/48HXo1X

Don’t let cybercriminals twist your arm 💪 This week, Wendi Whitmore, SVP of Palo Alto Networks Unit 42 joined Threat Vector to share her expertise on how cybercriminals leverage disruption for maximum impact. Cybercriminals apply pressure on end users — and by extension, businesses — to disrupt operations and make their impact felt. Listen in to see what businesses can do to protect themselves. https://bit.ly/4fi6HaF