Get to know # Unit 42 The Unit 42 team brings together world-renowned threat researchers with incident responders and security consultants. Together, they create an intelligence-driven, response-ready organization who are passionate about helping customers more proactively manage cyber risk. With a deeply rooted reputation for delivering world-class threat intelligence, the Unit 42 team provides industry-leading incident response and cyber risk management services to security leaders around the globe. [![linkedin](https://www.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/linkedin.svg)](https://www.linkedin.com/company/unit42/) *** ** * ** *** Blogs by Unit 42 Sort By: Recent Recent Popular *** ** * ** *** [![The Case for Multidomain Visibility](https://www.paloaltonetworks.com/blog/wp-content/uploads/2025/09/AdobeStock_645923878-scaled.jpeg)](https://www.paloaltonetworks.com/blog/2025/10/case-for-multidomain-visibility/) ## [AI and Cybersecurity](https://www.paloaltonetworks.com/blog/security-operations/category/ai-and-cybersecurity/?ts=markdown), [AI Security](https://www.paloaltonetworks.com/blog/category/ai-security/?ts=markdown), [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Data Security](https://www.paloaltonetworks.com/blog/category/data-security/?ts=markdown), [Incident Response](https://www.paloaltonetworks.com/blog/category/incident-response/?ts=markdown), [Reports](https://www.paloaltonetworks.com/blog/category/reports/?ts=markdown), [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ### [The Case for Multidomain Visibility](https://www.paloaltonetworks.com/blog/2025/10/case-for-multidomain-visibility/) Get key insights from the 2025 Unit 42 Global Incident Response Report. Defend against complex, multidomain cyberattacks with unified visibility, AI-powered detection and identity controls. Oct 01, 2025 By [Unit 42](https://www.paloaltonetworks.com/blog/author/unit-42/?ts=markdown "Posts by Unit 42") *** ** * ** *** [![Navigating Heightened Cyber Risks from Iranian Threats](https://www.paloaltonetworks.com/blog/wp-content/uploads/2025/07/AdobeStock_612533837-1-scaled.jpeg)](https://www.paloaltonetworks.com/blog/2025/07/navigating-heightened-cyber-risks-iranian-threats/) ## [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Threat Brief](https://www.paloaltonetworks.com/blog/category/threat-brief/?ts=markdown), [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ### [Navigating Heightened Cyber Risks from Iranian Threats](https://www.paloaltonetworks.com/blog/2025/07/navigating-heightened-cyber-risks-iranian-threats/) Recent geopolitical tensions have elevated the global cybersecurity risk landscape and the potential for increased cyber operations demands attention. Jul 02, 2025 By [Unit 42](https://www.paloaltonetworks.com/blog/author/unit-42/?ts=markdown "Posts by Unit 42") *** ** * ** *** [![Exploring the Art and Science of Threat Hunting with Oded Awaskar](https://www.paloaltonetworks.com/blog/wp-content/uploads/2024/07/Hive-Mind-1.jpg)](https://www.paloaltonetworks.com/blog/security-operations/exploring-the-art-and-science-of-threat-hunting-with-oded-awaskar/) ## [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [Uncategorized](https://www.paloaltonetworks.com/blog/category/uncategorized/?ts=markdown) ### [Exploring the Art and Science of Threat Hunting with Oded Awaskar](https://www.paloaltonetworks.com/blog/security-operations/exploring-the-art-and-science-of-threat-hunting-with-oded-awaskar/) Dive into the Art of Threat Hunting with Oded Awaskar. Learn what an effective threat hunting program looks like and how it helps organizations identify and stop sophisticated attacks. Jul 23, 2024 By [Unit 42](https://www.paloaltonetworks.com/blog/author/unit-42/?ts=markdown "Posts by Unit 42") *** ** * ** *** [![Creating a Security Program with Less Complexity and More Visibility](https://www.paloaltonetworks.com/blog/wp-content/uploads/2024/05/AdobeStock_624078692.jpeg)](https://www.paloaltonetworks.com/blog/2024/05/creating-a-security-program/) ## [Company \& Culture](https://www.paloaltonetworks.com/blog/category/company-culture/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ### [Creating a Security Program with Less Complexity and More Visibility](https://www.paloaltonetworks.com/blog/2024/05/creating-a-security-program/) Our 2024 Incident Response Report shows how vulnerabilities go unpatched, and critical resources sit exposed. May 23, 2024 By [Unit 42](https://www.paloaltonetworks.com/blog/author/unit-42/?ts=markdown "Posts by Unit 42") *** ** * ** *** [![Prowling the Wilds — Upgrade Your SOC and Hunt Down Threats](https://www.paloaltonetworks.com/blog/wp-content/uploads/2024/05/AdobeStock_621254974-edit-2.jpeg)](https://www.paloaltonetworks.com/blog/2024/05/upgrade-your-soc-and-hunt-down-threats/) ## [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ### [Prowling the Wilds --- Upgrade Your SOC and Hunt Down Threats](https://www.paloaltonetworks.com/blog/2024/05/upgrade-your-soc-and-hunt-down-threats/) SOC leaders need to outfit their analysts with the right gear and training. Upgrade your SOC and analysts to hunt down the threats lurking in your network. May 21, 2024 By [Unit 42](https://www.paloaltonetworks.com/blog/author/unit-42/?ts=markdown "Posts by Unit 42") *** ** * ** *** Load more *** ** * ** *** Blogs by Unit 42 Sort By: Popular Popular Recent *** ** * ** *** [![OilRig Data Analysis Shows Breadth of Hacking Campaign](https://www.paloaltonetworks.com/blog/wp-content/uploads/2018/04/unit42-blog-600x300.jpg)](https://www.paloaltonetworks.com/blog/2019/04/oilrig-data-analysis-shows-breadth-hacking-campaign/) ## [Threat Research](https://www.paloaltonetworks.com/blog/category/threat-research/?ts=markdown) ### [OilRig Data Analysis Shows Breadth of Hacking Campaign](https://www.paloaltonetworks.com/blog/2019/04/oilrig-data-analysis-shows-breadth-hacking-campaign/) Palo Alto Networks Unit 42 threat research team has determined that the OilRig hacking group's activities are more widespread than previously understood, compromising at least 97 organizations in 27 countries, including China. Apr 30, 2019 By [Unit 42](https://www.paloaltonetworks.com/blog/author/unit-42/?ts=markdown "Posts by Unit 42") *** ** * ** *** [![‘BabyShark’ Targets Cryptocurrency Industry](https://www.paloaltonetworks.com/blog/wp-content/uploads/2018/04/unit42-blog-600x300.jpg)](https://www.paloaltonetworks.com/blog/2019/04/babyshark-targets-cryptocurrency-industry/) ## [Threat Research](https://www.paloaltonetworks.com/blog/category/threat-research/?ts=markdown) ### ['BabyShark' Targets Cryptocurrency Industry](https://www.paloaltonetworks.com/blog/2019/04/babyshark-targets-cryptocurrency-industry/) Palo Alto Networks has discovered that the threat actor behind the BabyShark malware family has expanded its operations beyond conducting espionage to also targeting the cryptocurrency industry. Apr 26, 2019 By [Unit 42](https://www.paloaltonetworks.com/blog/author/unit-42/?ts=markdown "Posts by Unit 42") *** ** * ** *** [](https://www.paloaltonetworks.com/blog/2019/03/exploring-dns-abuse/) ## [Threat Research](https://www.paloaltonetworks.com/blog/category/threat-research/?ts=markdown) ### [Exploring DNS Abuse](https://www.paloaltonetworks.com/blog/2019/03/exploring-dns-abuse/) Unit 42 researchers have released a report showing how attackers can abuse DNS to hide their tracks when they infiltrate networks and steal data using a technique known as "DNS Tunneling." Mar 15, 2019 By [Unit 42](https://www.paloaltonetworks.com/blog/author/unit-42/?ts=markdown "Posts by Unit 42") *** ** * ** *** [![Hunting for the Recent Attacks Targeting Microsoft Exchange](https://www.paloaltonetworks.com/blog/wp-content/uploads/2021/02/Powerlines-Sunset.jpg)](https://www.paloaltonetworks.com/blog/security-operations/attacks-targeting-microsoft-exchange/) ## [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown) ### [Hunting for the Recent Attacks Targeting Microsoft Exchange](https://www.paloaltonetworks.com/blog/security-operations/attacks-targeting-microsoft-exchange/) Executive Summary March 16 Update: A detailed timeline of protections released across our Cortex XDR products has been added to this blog post. On March 2, 2021, Volexity reported the in-the-wild exploitation ... Mar 03, 2021 By [Unit 42](https://www.paloaltonetworks.com/blog/author/unit-42/?ts=markdown "Posts by Unit 42") *** ** * ** *** [![Hunting PrintNightmare (CVE-2021-1675) Using Cortex XDR](https://www.paloaltonetworks.com/blog/wp-content/uploads/2021/07/Collaborate.jpg)](https://www.paloaltonetworks.com/blog/security-operations/hunting-printnightmare/) ## [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [News and Events](https://www.paloaltonetworks.com/blog/security-operations/category/news-and-events/?ts=markdown), [Uncategorized](https://www.paloaltonetworks.com/blog/category/uncategorized/?ts=markdown) ### [Hunting PrintNightmare (CVE-2021-1675) Using Cortex XDR](https://www.paloaltonetworks.com/blog/security-operations/hunting-printnightmare/) PrintNightmare (CVE-202-1675) is a recent high impact vulnerability with a publicly available exploit. Discover how to use Cortex XDR to hunt for potential breach. Jul 01, 2021 By [Unit 42](https://www.paloaltonetworks.com/blog/author/unit-42/?ts=markdown "Posts by Unit 42") *** ** * ** *** Load more {#footer} {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2026 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language