Get to know # Mike Scott *** ** * ** *** Blogs by Mike Scott Sort By: Recent Recent Popular *** ** * ** *** [](https://www2.paloaltonetworks.com/blog/2016/06/unit42-extending-autofocus-threat-intelligence-with-new-tag-types/) ## [Malware](https://www.paloaltonetworks.com/blog/category/malware-2/?ts=markdown), [Threat Prevention](https://www.paloaltonetworks.com/blog/category/threat-prevention-2/?ts=markdown), [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ### [Extending AutoFocus Threat Intelligence With New Tag Types](https://www2.paloaltonetworks.com/blog/2016/06/unit42-extending-autofocus-threat-intelligence-with-new-tag-types/) In previous posts we have discussed how AutoFocus accelerates the analysis, hunting, and incident response workflows by providing full context for threat events seen on your network, as well as high-level visibility ... Jun 17, 2016 By [Mike Scott](https://www.paloaltonetworks.com/blog/author/mike-scott/?ts=markdown "Posts by Mike Scott") *** ** * ** *** [](https://www2.paloaltonetworks.com/blog/2016/05/unit42-new-wekby-attacks-use-dns-requests-as-command-and-control-mechanism/) ## [Malware](https://www.paloaltonetworks.com/blog/category/malware-2/?ts=markdown), [Threat Prevention](https://www.paloaltonetworks.com/blog/category/threat-prevention-2/?ts=markdown), [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ### [New Wekby Attacks Use DNS Requests As Command and Control Mechanism](https://www2.paloaltonetworks.com/blog/2016/05/unit42-new-wekby-attacks-use-dns-requests-as-command-and-control-mechanism/) We have observed an attack led by the APT group Wekby targeting a US-based organization in recent weeks. Wekby is a group that has been active for a number of years, targeting ... May 24, 2016 By [Josh Grunzweig](https://www.paloaltonetworks.com/blog/author/josh-grunzweig/?ts=markdown "Posts by Josh Grunzweig"), [Mike Scott](https://www.paloaltonetworks.com/blog/author/mike-scott/?ts=markdown "Posts by Mike Scott") and [Bryan Lee](https://www.paloaltonetworks.com/blog/author/bryan-lee/?ts=markdown "Posts by Bryan Lee") *** ** * ** *** [](https://www2.paloaltonetworks.com/blog/2016/05/operation-ke3chang-resurfaces-with-new-tidepool-malware/) ## [Malware](https://www.paloaltonetworks.com/blog/category/malware-2/?ts=markdown), [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ### [Operation Ke3chang Resurfaces With New TidePool Malware](https://www2.paloaltonetworks.com/blog/2016/05/operation-ke3chang-resurfaces-with-new-tidepool-malware/) Introduction Little has been published on the threat actors responsible for Operation Ke3chang since the report was released more than two years ago. However, Unit 42 has recently discovered the actors have ... May 22, 2016 By [Micah Yates](https://www.paloaltonetworks.com/blog/author/micah-yates/?ts=markdown "Posts by Micah Yates"), [Mike Scott](https://www.paloaltonetworks.com/blog/author/mike-scott/?ts=markdown "Posts by Mike Scott"), [Brandon Levene](https://www.paloaltonetworks.com/blog/author/brandon-levene/?ts=markdown "Posts by Brandon Levene"), [Jen Miller-Osborn](https://www.paloaltonetworks.com/blog/author/jen-miller-osborn/?ts=markdown "Posts by Jen Miller-Osborn") and [Tom Keigher](https://www.paloaltonetworks.com/blog/author/tkeigher/?ts=markdown "Posts by Tom Keigher") *** ** * ** *** [](https://www2.paloaltonetworks.com/blog/2016/04/unit42-new-poison-ivy-rat-variant-targets-hong-kong-pro-democracy-activists/) ## [Malware](https://www.paloaltonetworks.com/blog/category/malware-2/?ts=markdown), [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ### [New Poison Ivy RAT Variant Targets Hong Kong Pro-Democracy Activists](https://www2.paloaltonetworks.com/blog/2016/04/unit42-new-poison-ivy-rat-variant-targets-hong-kong-pro-democracy-activists/) Malware writers have always sought to develop feature-rich, easy to use tools that are also somewhat hard to detect via both host- and network-based detection systems. For many years, one of the ... Apr 21, 2016 By [Micah Yates](https://www.paloaltonetworks.com/blog/author/micah-yates/?ts=markdown "Posts by Micah Yates"), [Mike Scott](https://www.paloaltonetworks.com/blog/author/mike-scott/?ts=markdown "Posts by Mike Scott"), [Brandon Levene](https://www.paloaltonetworks.com/blog/author/brandon-levene/?ts=markdown "Posts by Brandon Levene") and [Jen Miller-Osborn](https://www.paloaltonetworks.com/blog/author/jen-miller-osborn/?ts=markdown "Posts by Jen Miller-Osborn") *** ** * ** *** [](https://www2.paloaltonetworks.com/blog/2015/11/attack-campaign-on-the-government-of-thailand-delivers-bookworm-trojan/) ## [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ### [Attack Campaign on the Government of Thailand Delivers Bookworm Trojan](https://www2.paloaltonetworks.com/blog/2015/11/attack-campaign-on-the-government-of-thailand-delivers-bookworm-trojan/) Unit 42 recently published a blog on a newly identified Trojan called Bookworm, which discussed the architecture and capabilities of the malware and alluded to Thailand being the focus of the threat ... Nov 24, 2015 By [Robert Falcone](https://www.paloaltonetworks.com/blog/author/robert-falcone/?ts=markdown "Posts by Robert Falcone"), [Mike Scott](https://www.paloaltonetworks.com/blog/author/mike-scott/?ts=markdown "Posts by Mike Scott") and [Juan Cortes](https://www.paloaltonetworks.com/blog/author/juan-cortes/?ts=markdown "Posts by Juan Cortes") *** ** * ** *** Load more *** ** * ** *** Blogs by Mike Scott Sort By: Popular Popular Recent *** ** * ** *** [](https://www2.paloaltonetworks.com/blog/2016/06/unit42-extending-autofocus-threat-intelligence-with-new-tag-types/) ## [Malware](https://www.paloaltonetworks.com/blog/category/malware-2/?ts=markdown), [Threat Prevention](https://www.paloaltonetworks.com/blog/category/threat-prevention-2/?ts=markdown), [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ### [Extending AutoFocus Threat Intelligence With New Tag Types](https://www2.paloaltonetworks.com/blog/2016/06/unit42-extending-autofocus-threat-intelligence-with-new-tag-types/) In previous posts we have discussed how AutoFocus accelerates the analysis, hunting, and incident response workflows by providing full context for threat events seen on your network, as well as high-level visibility ... Jun 17, 2016 By [Mike Scott](https://www.paloaltonetworks.com/blog/author/mike-scott/?ts=markdown "Posts by Mike Scott") *** ** * ** *** [](https://www2.paloaltonetworks.com/blog/2016/05/unit42-new-wekby-attacks-use-dns-requests-as-command-and-control-mechanism/) ## [Malware](https://www.paloaltonetworks.com/blog/category/malware-2/?ts=markdown), [Threat Prevention](https://www.paloaltonetworks.com/blog/category/threat-prevention-2/?ts=markdown), [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ### [New Wekby Attacks Use DNS Requests As Command and Control Mechanism](https://www2.paloaltonetworks.com/blog/2016/05/unit42-new-wekby-attacks-use-dns-requests-as-command-and-control-mechanism/) We have observed an attack led by the APT group Wekby targeting a US-based organization in recent weeks. Wekby is a group that has been active for a number of years, targeting ... May 24, 2016 By [Josh Grunzweig](https://www.paloaltonetworks.com/blog/author/josh-grunzweig/?ts=markdown "Posts by Josh Grunzweig"), [Mike Scott](https://www.paloaltonetworks.com/blog/author/mike-scott/?ts=markdown "Posts by Mike Scott") and [Bryan Lee](https://www.paloaltonetworks.com/blog/author/bryan-lee/?ts=markdown "Posts by Bryan Lee") *** ** * ** *** [](https://www2.paloaltonetworks.com/blog/2016/05/operation-ke3chang-resurfaces-with-new-tidepool-malware/) ## [Malware](https://www.paloaltonetworks.com/blog/category/malware-2/?ts=markdown), [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ### [Operation Ke3chang Resurfaces With New TidePool Malware](https://www2.paloaltonetworks.com/blog/2016/05/operation-ke3chang-resurfaces-with-new-tidepool-malware/) Introduction Little has been published on the threat actors responsible for Operation Ke3chang since the report was released more than two years ago. However, Unit 42 has recently discovered the actors have ... May 22, 2016 By [Micah Yates](https://www.paloaltonetworks.com/blog/author/micah-yates/?ts=markdown "Posts by Micah Yates"), [Mike Scott](https://www.paloaltonetworks.com/blog/author/mike-scott/?ts=markdown "Posts by Mike Scott"), [Brandon Levene](https://www.paloaltonetworks.com/blog/author/brandon-levene/?ts=markdown "Posts by Brandon Levene"), [Jen Miller-Osborn](https://www.paloaltonetworks.com/blog/author/jen-miller-osborn/?ts=markdown "Posts by Jen Miller-Osborn") and [Tom Keigher](https://www.paloaltonetworks.com/blog/author/tkeigher/?ts=markdown "Posts by Tom Keigher") *** ** * ** *** [](https://www2.paloaltonetworks.com/blog/2016/04/unit42-new-poison-ivy-rat-variant-targets-hong-kong-pro-democracy-activists/) ## [Malware](https://www.paloaltonetworks.com/blog/category/malware-2/?ts=markdown), [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ### [New Poison Ivy RAT Variant Targets Hong Kong Pro-Democracy Activists](https://www2.paloaltonetworks.com/blog/2016/04/unit42-new-poison-ivy-rat-variant-targets-hong-kong-pro-democracy-activists/) Malware writers have always sought to develop feature-rich, easy to use tools that are also somewhat hard to detect via both host- and network-based detection systems. For many years, one of the ... Apr 21, 2016 By [Micah Yates](https://www.paloaltonetworks.com/blog/author/micah-yates/?ts=markdown "Posts by Micah Yates"), [Mike Scott](https://www.paloaltonetworks.com/blog/author/mike-scott/?ts=markdown "Posts by Mike Scott"), [Brandon Levene](https://www.paloaltonetworks.com/blog/author/brandon-levene/?ts=markdown "Posts by Brandon Levene") and [Jen Miller-Osborn](https://www.paloaltonetworks.com/blog/author/jen-miller-osborn/?ts=markdown "Posts by Jen Miller-Osborn") *** ** * ** *** [](https://www2.paloaltonetworks.com/blog/2015/11/attack-campaign-on-the-government-of-thailand-delivers-bookworm-trojan/) ## [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ### [Attack Campaign on the Government of Thailand Delivers Bookworm Trojan](https://www2.paloaltonetworks.com/blog/2015/11/attack-campaign-on-the-government-of-thailand-delivers-bookworm-trojan/) Unit 42 recently published a blog on a newly identified Trojan called Bookworm, which discussed the architecture and capabilities of the malware and alluded to Thailand being the focus of the threat ... Nov 24, 2015 By [Robert Falcone](https://www.paloaltonetworks.com/blog/author/robert-falcone/?ts=markdown "Posts by Robert Falcone"), [Mike Scott](https://www.paloaltonetworks.com/blog/author/mike-scott/?ts=markdown "Posts by Mike Scott") and [Juan Cortes](https://www.paloaltonetworks.com/blog/author/juan-cortes/?ts=markdown "Posts by Juan Cortes") *** ** * ** *** Load more {#footer} {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2026 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language