Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack

April 13, 2024 at 05:27AM Threat actors have been actively exploiting a critical zero-day flaw (CVE-2024-3400) in Palo Alto Networks PAN-OS software, allowing unauthorized code execution. Dubbed Operation MidnightEclipse, the attack involves creating cron jobs to run commands from an external server, triggering a Python-based backdoor. The actor UTA0218 displays advanced capabilities and is likely state-backed. …

Fresh ‘Mispadu Stealer’ Variant Emerges

February 5, 2024 at 05:43PM The Palo Alto Networks Unit 42 team uncovered a new variation of the sneaky banking Trojan, Mispadu Stealer, targeting Mexico. This infostealer exploits the Windows SmartScreen bypass vulnerability CVE-2023-36025. With Mispadu continuously evolving, the researchers advise a comprehensive cybersecurity approach, emphasizing staying informed on threat intelligence, robust endpoint protection, and …

Hackers use new Agent Raccoon malware to backdoor US targets

December 1, 2023 at 02:15PM Agent Raccoon, a novel .NET malware used for espionage, targets organizations globally, and Unit 42 links it to nation-state actors. It masquerades as an updater, uses DNS for covert communication, and includes tools for credential theft and data exfiltration, with active development indicating evolving capabilities. …