Palo Alto Networks Unit 42’s Post

View organization page for Palo Alto Networks Unit 42

87,685 followers

2024-05-14 (Tuesday): #DarkGate activity. HTML file asks victim to paste script into a run window. Indicators available at https://bit.ly/4bjvMAC #TimelyThreatIntel #Unit42ThreatIntel #Wireshark #InfectionTraffic

4 Comments

Mikako Yano

Interesting!

Steve Eyre

Enterprise Security Architect | Cyber Operations & Threat Intelligence consultant | SOC architect | Cyber3D fractional security owner

the old HTA trick, old school but surprisingly prevalent

2 Reactions

See more comments

To view or add a comment, sign in

More Relevant Posts

Sergio Medeiros

Penetration Tester @ Synack | OASP | eWPTX v2 | CAPenX | CAPen | eWPT v1 | eCPPT v2 | eJPT |
12mo
Report this post
🚨 #XSS Tip 🚨 👉 You can attempt to bypass WAFs by using multi-character HTML entities. &nvgt; translates to > + [?] &nvlt; translates to < + [?] [?] - Unicode Symbol #bugbounty #bugbountytips #bugbounty #hackthebox #owasp #appsec
Like Comment
To view or add a comment, sign in
Shahmeer Nasir

Free Palestine | Software Engineer @ Technyx Systems
6mo
Report this post
Solved "Mini-Max Sum" with O(n) time complexity. Solved 7 out of n problem (JavaScript) [13.01.2025] It is a very basic problem. Just trying to make it a regular habit.

Mini-Max Sum | HackerRank hackerrank.com
Like Comment
To view or add a comment, sign in
Javan Reid

Fulfillment Specialist at Holistic Industries
1y
Report this post
Lab: Stored XSS into HTML context with nothing encoded https://lnkd.in/evXVXKhg

Lab: Stored XSS into HTML context with nothing encoded docs.google.com
Like Comment
To view or add a comment, sign in
Javan Reid

Fulfillment Specialist at Holistic Industries
1y
Report this post
Lab: Reflected XSS into HTML context with nothing encoded https://lnkd.in/e4AuzJvZ

Lab: Reflected XSS into HTML context with nothing encoded docs.google.com
Like Comment
To view or add a comment, sign in
Critical Thinking - Bug Bounty Podcast

13,390 followers
1y
Report this post
Another one of Mathias' HTMX bugs from the pod. This one is an HTMX trigger attribute injection into an HTML element leading to XSS using a payload like this: <meta hx-trigger='x[1)}),alert(3);//]'>
Like Comment
To view or add a comment, sign in
Sambath Kumar Logakrishnan

Software Architect | Web Components, WebAssembly, Frontend stacks
6mo
Report this post
relative color mixing is very powerful api to generate new colors from a relative color like #CSS vars using “from” operator inside the color fn- https://lnkd.in/dHSzHfyf #chromium #safari #firefox #webdevelopment #frontenddevelopment
Like Comment
To view or add a comment, sign in
Prabin Tamang

Certificate Ethical hacker | CTF Player | Project Manager | Bugv (CWE-79)
1y
Report this post
DOM XSS in innerHTML sink using source location.search

Lab: DOM XSS in innerHTML sink using source location.search | Web Security Academy portswigger.net
Like Comment
To view or add a comment, sign in
Bikram Keshari Rout

Asst. Delivery Manager @ Threatsys | Expert in VAPT & Android Security | API Security | Project Management | CGEH | CEHv12
11mo
Report this post
DOM XSS in innerHTML sink using source location.search

Lab: DOM XSS in innerHTML sink using source location.search | Web Security Academy portswigger.net
Like Comment
To view or add a comment, sign in
Yash Soni

PHP || LARAVEL || CODEIGNITER || FULL STACK DEVELOPER
8mo
Report this post
How to restrict the mouseover and mouseout events for a highcharts column so that the events fire w Check it out: https://lnkd.in/dq3RsgUX Join the conversation! #css #highcharts #javascript #jquery

restrict mouseover area for a column to its own shape vs surrounding area https://querifyquestion.com
Like Comment
To view or add a comment, sign in
CVE Find

239 followers
9mo
Report this post
[CVE-2024-47875: CRITICAL] DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMpurify was vulnerable to nesting-based mXSS. This vulnerability is fixed in 2.5.0 and 3.1.3. https://lnkd.in/g3Pz8gHB
Like Comment
To view or add a comment, sign in

87,685 followers

View Profile Follow

Palo Alto Networks Unit 42’s Post

More from this author

Breaking News From Unit 42®: You'll Want to See This

Unit 42 Threat Bulletin - May 2025

Unit 42 Threat Bulletin - April 2025

Explore topics