❌

Reading view

2026 World Cup: Discussing The World’s Biggest Game’s Attack Surface

The 2026 World Cup presents major cyber risks from ransomware groups, state-aligned actors, and other groups targeting critical infrastructure. Learn more here.

The post 2026 World Cup: Discussing The World’s Biggest Game’s Attack Surface appeared first on Unit 42.

  •  

Out of the Crypt: The Evolving Cyber Extortion Economy

Unit 42 explores trends in data theft and extortion, outlining key strategies for organizations as frontier AI models advance.

The post Out of the Crypt: The Evolving Cyber Extortion Economy appeared first on Unit 42.

  •  

Converging Interests: Analysis of Threat Clusters Targeting a Southeast Asian Government

Unit 42 uncovers multiple clusters of cyberespionage targeting a Southeast Asian government organization with USBFect, RATs and loaders.

The post Converging Interests: Analysis of Threat Clusters Targeting a Southeast Asian Government appeared first on Unit 42.

  •  

Iranian Cyber Threat Evolution: From MBR Wipers to Identity Weaponization

The evolution of Iranian cyber operations in broad context: from custom wiper malware to misuse of legitimate admin tools and more.

The post Iranian Cyber Threat Evolution: From MBR Wipers to Identity Weaponization appeared first on Unit 42.

  •  

An Investigation Into Years of Undetected Operations Targeting High-Value Sectors

In-depth analysis of threat activity we call CL-UNK-1068. We discuss their toolset, including tunneling, reconnaissance and credential theft.

The post An Investigation Into Years of Undetected Operations Targeting High-Value Sectors appeared first on Unit 42.

  •  

Threat Brief: Escalation of Cyber Risk Related to Iran (Updated April 17)

Unit 42 details recent Iranian cyberattack activity, sharing direct observations of phishing, hacktivist activity and cybercrime. We include recommendations for defenders.

The post Threat Brief: Escalation of Cyber Risk Related to Iran (Updated April 17) appeared first on Unit 42.

  •  

Hamas-Affiliated Ashen Lepus Targets Middle Eastern Diplomatic Entities With New AshTag Malware Suite

Hamas-affiliated threat actor Ashen Lepus (aka WIRTE) is conducting espionage with its new AshTag malware suite against Middle Eastern government entities.

The post Hamas-Affiliated Ashen Lepus Targets Middle Eastern Diplomatic Entities With New AshTag Malware Suite appeared first on Unit 42.

  •  

Anatomy of an Akira Ransomware Attack: When a Fake CAPTCHA Led to 42 Days of Compromise

Unit 42 outlines a Howling Scorpius attack delivering Akira ransomware that originated from a fake CAPTCHA and led to a 42-day compromise.

The post Anatomy of an Akira Ransomware Attack: When a Fake CAPTCHA Led to 42 Days of Compromise appeared first on Unit 42.

  •  
❌