Get to know # Vicky Ray *** ** * ** *** Blogs by Vicky Ray Sort By: Recent Recent Popular *** ** * ** *** [![Bisonal Malware Used in Attacks Against Russia and South Korea](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2018/04/unit42-blog-600x300.jpg)](https://www2.paloaltonetworks.com/blog/2018/07/unit42-bisonal-malware-used-attacks-russia-south-korea/) ## [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ### [Bisonal Malware Used in Attacks Against Russia and South Korea](https://www2.paloaltonetworks.com/blog/2018/07/unit42-bisonal-malware-used-attacks-russia-south-korea/) Unit 42 takes a look at how Bisonal Malware was used in attacks against Russia and South Korea. Read the full report. Jul 31, 2018 By [Kaoru Hayashi](https://www.paloaltonetworks.com/blog/author/khayashi/?ts=markdown "Posts by Kaoru Hayashi") and [Vicky Ray](https://www.paloaltonetworks.com/blog/author/vicky-khan/?ts=markdown "Posts by Vicky Ray") *** ** * ** *** [![Compromised Servers \& Fraud Accounts: Recent Hancitor Attacks](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2016/09/unit42-web-banner-650x300.jpg)](https://www2.paloaltonetworks.com/blog/2018/02/unit42-compromised-servers-fraud-accounts-recent-hancitor-attacks/) ## [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ### [Compromised Servers \& Fraud Accounts: Recent Hancitor Attacks](https://www2.paloaltonetworks.com/blog/2018/02/unit42-compromised-servers-fraud-accounts-recent-hancitor-attacks/) Unit 42 tracks how attackers use fraudulent accounts and compromise infrastructures of legitimate businesses to deliver Hancitor malware. Feb 07, 2018 By [Vicky Ray](https://www.paloaltonetworks.com/blog/author/vicky-khan/?ts=markdown "Posts by Vicky Ray") and [Brad Duncan](https://www.paloaltonetworks.com/blog/author/bduncan/?ts=markdown "Posts by Brad Duncan") *** ** * ** *** [![Exploring the Cybercrime Underground: Part 4 - Darknet Markets](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2016/09/unit42-web-banner-650x300.jpg)](https://www2.paloaltonetworks.com/blog/2017/02/unit42-exploring-cybercrime-underground-part-4-darknet-markets/) ## [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ### [Exploring the Cybercrime Underground: Part 4 - Darknet Markets](https://www2.paloaltonetworks.com/blog/2017/02/unit42-exploring-cybercrime-underground-part-4-darknet-markets/) Unit 42's exploration into the cybercrime underground continues with a look into darknet marketplaces. Feb 09, 2017 By [Vicky Ray](https://www.paloaltonetworks.com/blog/author/vicky-khan/?ts=markdown "Posts by Vicky Ray") *** ** * ** *** [![Tropic Trooper Targets Taiwanese Government and Fossil Fuel Provider With Poison Ivy](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2016/09/unit42-web-banner-650x300.jpg)](https://www2.paloaltonetworks.com/blog/2016/11/unit42-tropic-trooper-targets-taiwanese-government-and-fossil-fuel-provider-with-poison-ivy/) ## [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ### [Tropic Trooper Targets Taiwanese Government and Fossil Fuel Provider With P...](https://www2.paloaltonetworks.com/blog/2016/11/unit42-tropic-trooper-targets-taiwanese-government-and-fossil-fuel-provider-with-poison-ivy/) Taiwan has been a regular target of cyber espionage threat actors for a number of years. Reasons for Taiwan being targeted range from being one of the sovereign states of the disputed ... Nov 22, 2016 By [Vicky Ray](https://www.paloaltonetworks.com/blog/author/vicky-khan/?ts=markdown "Posts by Vicky Ray"), [Robert Falcone](https://www.paloaltonetworks.com/blog/author/robert-falcone/?ts=markdown "Posts by Robert Falcone"), [Jen Miller-Osborn](https://www.paloaltonetworks.com/blog/author/jen-miller-osborn/?ts=markdown "Posts by Jen Miller-Osborn") and [Tom Lancaster](https://www.paloaltonetworks.com/blog/author/tom-lancaster/?ts=markdown "Posts by Tom Lancaster") *** ** * ** *** [](https://www2.paloaltonetworks.com/blog/2016/08/unit42-exploring-the-cybercrime-underground-part-2-the-forum-ecosystem/) ## [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ### [Exploring the Cybercrime Underground: Part 2 -- The Forum Ecosystem](https://www2.paloaltonetworks.com/blog/2016/08/unit42-exploring-the-cybercrime-underground-part-2-the-forum-ecosystem/) In this second part of Unit 42's Cybercrime Underground blog series, we dive into the cybercrime forum ecosystem and focus on observed cybercriminal roles, as well as prevalent tools and services bought ... Aug 29, 2016 By [Vicky Ray](https://www.paloaltonetworks.com/blog/author/vicky-khan/?ts=markdown "Posts by Vicky Ray") and [Rob Downs](https://www.paloaltonetworks.com/blog/author/rob-downs/?ts=markdown "Posts by Rob Downs") *** ** * ** *** Load more *** ** * ** *** Blogs by Vicky Ray Sort By: Popular Popular Recent *** ** * ** *** [![Bisonal Malware Used in Attacks Against Russia and South Korea](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2018/04/unit42-blog-600x300.jpg)](https://www2.paloaltonetworks.com/blog/2018/07/unit42-bisonal-malware-used-attacks-russia-south-korea/) ## [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ### [Bisonal Malware Used in Attacks Against Russia and South Korea](https://www2.paloaltonetworks.com/blog/2018/07/unit42-bisonal-malware-used-attacks-russia-south-korea/) Unit 42 takes a look at how Bisonal Malware was used in attacks against Russia and South Korea. Read the full report. Jul 31, 2018 By [Kaoru Hayashi](https://www.paloaltonetworks.com/blog/author/khayashi/?ts=markdown "Posts by Kaoru Hayashi") and [Vicky Ray](https://www.paloaltonetworks.com/blog/author/vicky-khan/?ts=markdown "Posts by Vicky Ray") *** ** * ** *** [![Compromised Servers \& Fraud Accounts: Recent Hancitor Attacks](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2016/09/unit42-web-banner-650x300.jpg)](https://www2.paloaltonetworks.com/blog/2018/02/unit42-compromised-servers-fraud-accounts-recent-hancitor-attacks/) ## [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ### [Compromised Servers \& Fraud Accounts: Recent Hancitor Attacks](https://www2.paloaltonetworks.com/blog/2018/02/unit42-compromised-servers-fraud-accounts-recent-hancitor-attacks/) Unit 42 tracks how attackers use fraudulent accounts and compromise infrastructures of legitimate businesses to deliver Hancitor malware. Feb 07, 2018 By [Vicky Ray](https://www.paloaltonetworks.com/blog/author/vicky-khan/?ts=markdown "Posts by Vicky Ray") and [Brad Duncan](https://www.paloaltonetworks.com/blog/author/bduncan/?ts=markdown "Posts by Brad Duncan") *** ** * ** *** [![Exploring the Cybercrime Underground: Part 4 - Darknet Markets](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2016/09/unit42-web-banner-650x300.jpg)](https://www2.paloaltonetworks.com/blog/2017/02/unit42-exploring-cybercrime-underground-part-4-darknet-markets/) ## [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ### [Exploring the Cybercrime Underground: Part 4 - Darknet Markets](https://www2.paloaltonetworks.com/blog/2017/02/unit42-exploring-cybercrime-underground-part-4-darknet-markets/) Unit 42's exploration into the cybercrime underground continues with a look into darknet marketplaces. Feb 09, 2017 By [Vicky Ray](https://www.paloaltonetworks.com/blog/author/vicky-khan/?ts=markdown "Posts by Vicky Ray") *** ** * ** *** [![Tropic Trooper Targets Taiwanese Government and Fossil Fuel Provider With Poison Ivy](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2016/09/unit42-web-banner-650x300.jpg)](https://www2.paloaltonetworks.com/blog/2016/11/unit42-tropic-trooper-targets-taiwanese-government-and-fossil-fuel-provider-with-poison-ivy/) ## [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ### [Tropic Trooper Targets Taiwanese Government and Fossil Fuel Provider With P...](https://www2.paloaltonetworks.com/blog/2016/11/unit42-tropic-trooper-targets-taiwanese-government-and-fossil-fuel-provider-with-poison-ivy/) Taiwan has been a regular target of cyber espionage threat actors for a number of years. Reasons for Taiwan being targeted range from being one of the sovereign states of the disputed ... Nov 22, 2016 By [Vicky Ray](https://www.paloaltonetworks.com/blog/author/vicky-khan/?ts=markdown "Posts by Vicky Ray"), [Robert Falcone](https://www.paloaltonetworks.com/blog/author/robert-falcone/?ts=markdown "Posts by Robert Falcone"), [Jen Miller-Osborn](https://www.paloaltonetworks.com/blog/author/jen-miller-osborn/?ts=markdown "Posts by Jen Miller-Osborn") and [Tom Lancaster](https://www.paloaltonetworks.com/blog/author/tom-lancaster/?ts=markdown "Posts by Tom Lancaster") *** ** * ** *** [](https://www2.paloaltonetworks.com/blog/2016/08/unit42-exploring-the-cybercrime-underground-part-2-the-forum-ecosystem/) ## [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ### [Exploring the Cybercrime Underground: Part 2 -- The Forum Ecosystem](https://www2.paloaltonetworks.com/blog/2016/08/unit42-exploring-the-cybercrime-underground-part-2-the-forum-ecosystem/) In this second part of Unit 42's Cybercrime Underground blog series, we dive into the cybercrime forum ecosystem and focus on observed cybercriminal roles, as well as prevalent tools and services bought ... Aug 29, 2016 By [Vicky Ray](https://www.paloaltonetworks.com/blog/author/vicky-khan/?ts=markdown "Posts by Vicky Ray") and [Rob Downs](https://www.paloaltonetworks.com/blog/author/rob-downs/?ts=markdown "Posts by Rob Downs") *** ** * ** *** Load more {#footer} {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2026 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language