COVID-19 Themed-Based Domains

Showing results for 
Show  only  | Search instead for 
Did you mean: 
Retired Member
Not applicable

Unit 42 - COVID-19: Cloud Threat LandscapeUnit 42 - COVID-19: Cloud Threat Landscape

Palo Alto Networks Unit 42 provides a clear analysis about the Cloud Threat Landscape and theme-based malicious domains that have recently been identified. See how this could impact your network and remote users.




COVID-19: Cloud Threat Landscape


The Palo Alto Networks global threat intelligence team, Unit 42, recently provided insight into the risk of some newly observed hostnames (NOH) that contain keywords related to the coronavirus pandemic.


In Jay Chen’s Unit 42 blog, “COVID-19: Cloud Threat Landscape,” he dives into the details of how these theme-based domains are being used, where they’re being created, and the different types of malicious domains out there. Chen is a Sr. Cloud Vulnerability and Exploit Researcher at Palo Alto Networks and has been a regular contributor to the Unit 42 blog, providing readers with key details about cybersecurity threats. Read more blogs from Jay Chen.


It is interesting to note that Unit 42 details the cloud threat landscape, identifying the public clouds that currently present vulnerabilities. “Unit 42 researchers found 56,200+ of the NOHs are hosted in one of the top four  popular cloud service providers (CSPs), such as Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP), and Alibaba,” wrote Chen.


So what does this mean for you?

Chen concluded his analysis by writing, “Cyber threats are evolving rapidly and leveraging real-world events to deceive victims [...] With thousands of malicious domains coming online every day, it is imperative to protect every endpoint with continuous monitoring and automatic threat prevention tools because cloud-hosted applications and services are exposed to the same threats as non-cloud endpoints.”


Is there a silver lining? 

Yes, there is a silver lining. If you are a Palo Alto Networks customer and are using Prisma Cloud, VM-Series Next Generation Firewall, and Palo Alto Networks URL Filtering, then you are already protected from these types of threats. However, running a Best Practice Assessment, staying up-to-date with Unit 42 threat analysis like this, and having key resources in mind can help you stay on top of cybersecurity threats in the world.


Head over to Unit 42 to read more about the Cloud Threat Landscape.



Additional Information

Prisma Cloud Resource Page

URL Filtering


Cloud Integration Resource

Threat and Vulnerability Discussion on LIVEcommunity

Register or Sign-in