Tootfinder

New report from Palo Alto’s Unit42 on sophisticated attacks with long dwell times by one or more Chinese threat groups. There is a lot going on in this article and much of it likely doesn’t apply to my organization, but I try to learn from reports like this at least one thing that I can bring to my organization to improve our security posture. In this case I learned about DumpIt — a new-to-me free multiplatform forensics tool. I’m going to add that to an upcoming threat hunt and will build d…

An Investigation Into Years of Undetected Operations Targeting High-Value Sectors
In-depth analysis of threat activity we call CL-UNK-1068. We discuss their toolset, including tunneling, reconnaissance and credential theft.

Two big threat intel firms released their annual reports this morning: Palo Alto Networks and Dragos.
One Palo Alto finding that jumps out: nearly half (48%) of their observed intrusions in 2025 involved browser-based activity.
https://www.paloaltonetworks.com/resources

2026 Unit 42 Global Incident Response Report
Read the 2026 Unit 42 Global Incident Response report to discover attacker tactics and get real-world insights and expert recommendations to safeguard your business.