PKPLUG: Chinese Cyber Espionage Group Attacking Southeast Asia
For three years, Unit 42 has tracked a set of cyber espionage attack campaigns across Asia, which used a mix of publicly available and custom malware. Unit 42 created the moniker “PKPLUG” for the...
THOR: Previously Unseen PlugX Variant Deployed During Microsoft Exchange...
We provide a technical overview of the previously unseen PlugX variant THOR, indicators of compromise and a new tool for payload decryption.
Hunting for Unsigned DLLs to Find APTs
Hunting for the loading of unsigned DLLs can help you identify attacks and threat actors in your environment. Our examples include well-known APTs.