Cyentia Cybersecurity Research Library
  • Sources
  • Tags
  • About
  • Sponsors
  • More from Cyentia

Unit 42

Below you will find reports with the source of “Unit 42”

image from Unit 42 Attack Surface Threat Report

Unit 42 Attack Surface Threat Report

Unit 42 analyzed several petabytes of public internet data collected by Cortex Xpanse — the Palo Alto Networks attack surface management solution — in 2022 and 2023. This report outlines aggregate statistics about how attack surfaces worldwide are changing and drills down into particular risks that are most relevant to the market. Today’s attackers have the ability to scan the entire IPv4 address space for vulnerable targets in minutes.

(more available)
Added: July 12, 2024
image from 2024 Incident Response Report

2024 Incident Response Report

In this report, we bring you the insights from that data. It’s part of how we empower organizations to proactively navigate cyber risks, strengthen security approaches, and respond to incidents with unmatched efficiency. This report helps because it gathers real-world information from organizations like yours, so you can learn which threats really a#ect your peers–and how you can face them.

(more available)
Added: February 26, 2024
image from Ransomware and Extortion Report

Ransomware and Extortion Report

In the 2023 Unit 42 Ransomware Threat Report explores recent incident response cases, as well as our threat intelligence analysts’ assessment of the larger threat landscape. It also offers predictions for how we believe threat actors will use ransomware and extortion tactics going forward. As of late 2022, threat actors engaged in data theft in about 70% of cases on average, Compare this to mid-2021, and we saw data theft in only about 40$ of cases on average. Threat actors often threaten to leak stolen data on dark web leak sites, which are increasingly a key component of their efforts to extort organizations.

(more available)
Added: March 27, 2023
image from Incident Response Report 2022

Incident Response Report 2022

The 2022 Unit 42 Incident Response Report sheds light on the risks and threats that organizations are facing. It provides insights into threat actors and their methods that can then be used to help organizations identify potential gaps in their defenses and areas to focus on to improve their cybersecurity stance going forward.

(more available)
Added: August 1, 2022
image from Ransomware Threat Report 2022

Ransomware Threat Report 2022

As these ransomware gangs and RaaS operators find new ways to remove technical barriers and up the ante, ransomware will continue to challenge organizations of all sizes in 2022. As a result, ransomware has become one of the top threats in cybersecurity and a focus area for Palo Alto Networks. This report provides the latest insights on established and emerging ransomware groups, payment trends, and security best practice.

(more available)
Added: June 16, 2022
image from Ransomware Threat Report 2021

Ransomware Threat Report 2021

Using Unit 42’s threat intelligence and incident response teams, this report reviews the state of ransomware, focusing on the prevalence, size of payments, techniques, and firmographics of recent events.

(more available)
Added: August 9, 2021
image from 2020 Unit 42 IoT Threat Report

2020 Unit 42 IoT Threat Report

This annual report looks at changes in internet of things security.

Added: November 1, 2020
image from Cloud Threat Report: Putting the Sec in DevOps

Cloud Threat Report: Putting the Sec in DevOps

2020 edition of the Unit 42 Cloud Threat Report, ourteam of elite cloud threat researchers focused theirattention on the practices of DevOps. The research aimedto uncover where cloud vulnerabilities are surfacing.DevOps teams are shortening the time to productionusing infrastructure as code (IaC) templates. But the IaCtemplates themselves are not the issue. It’s the flawedprocess by which they are being created.

(more available)
Added: February 14, 2020
image from Tracking Subaat: Targeted Phishing Attack Leads to Threat Actor’s Repository

Tracking Subaat: Targeted Phishing Attack Leads to Threat Actor’s Repository

In mid-July, Palo Alto Networks Unit 42 identified a small targeted phishing campaign aimed at a government organization. While tracking the activities of this campaign, we identified a repository of additional malware, including a web server that was used to host the payloads used for both this attack as well as others. We’ll discuss how we discovered it, as well as possible attribution towards the individual behind these attacks.

(more available)
Added: November 15, 2018
© Cyentia Institute 2025
Library updated: July 1, 2025 16:08 UTC (build b1d7be4)