Get to know # Jeff White Principal threat researcher, enterprise R\&D, cyber consulting and threat intelligence, Palo Alto Networks *** ** * ** *** Blogs by Jeff White Sort By: Recent Recent Popular *** ** * ** *** [![Ransomware as a Service: Defend by Reinvesting in the Fundamentals](https://www.paloaltonetworks.com.au/blog/wp-content/uploads/2021/10/In-All-Seriousness.jpg)](https://www.paloaltonetworks.com.au/blog/2021/10/raas-defense-in-depth/) ## [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown) ### [Ransomware as a Service: Defend by Reinvesting in the Fundamentals](https://www.paloaltonetworks.com.au/blog/2021/10/raas-defense-in-depth/) Defense in depth and reinvesting in the fundamentals of cybersecurity are a powerful strategy for thwarting the ransomware-as-a-service model. Oct 12, 2021 By [Jeff White](https://www.paloaltonetworks.com/blog/author/jeff-white/?ts=markdown "Posts by Jeff White") *** ** * ** *** [![Ransomware as a Service: Criminal “Entrepreneurs” Evolve Ransomware](https://www.paloaltonetworks.com.au/blog/wp-content/uploads/2021/10/Should-be-Mac.jpg)](https://www.paloaltonetworks.com.au/blog/2021/10/ransomware-as-a-service/) ## [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown) ### [Ransomware as a Service: Criminal "Entrepreneurs" Evolve Ransomware](https://www.paloaltonetworks.com.au/blog/2021/10/ransomware-as-a-service/) Entrepreneurial threat actors are providing "ransomware as a service" -- platforms for budding cybercriminals looking to make it in the "industry." Oct 07, 2021 By [Jeff White](https://www.paloaltonetworks.com/blog/author/jeff-white/?ts=markdown "Posts by Jeff White") *** ** * ** *** [![Dissecting Hancitor’s Latest 2018 Packer](https://www.paloaltonetworks.com.au/blog/wp-content/uploads/2016/09/unit42-web-banner-650x300.jpg)](https://www.paloaltonetworks.com.au/blog/2018/02/unit42-dissecting-hancitors-latest-2018-packer/) ## [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ### [Dissecting Hancitor's Latest 2018 Packer](https://www.paloaltonetworks.com.au/blog/2018/02/unit42-dissecting-hancitors-latest-2018-packer/) Unit 42 dives into the technical inner-workings of Hancitor's latest malware packer. Feb 27, 2018 By [Jeff White](https://www.paloaltonetworks.com/blog/author/jeff-white/?ts=markdown "Posts by Jeff White") *** ** * ** *** [![PowerStager Analysis](https://www.paloaltonetworks.com.au/blog/wp-content/uploads/2016/09/unit42-web-banner-650x300.jpg)](https://www.paloaltonetworks.com.au/blog/2018/01/unit42-powerstager-analysis/) ## [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ### [PowerStager Analysis](https://www.paloaltonetworks.com.au/blog/2018/01/unit42-powerstager-analysis/) Unit 42's analyzes PowerStager and the unique obfuscation technique it was employing for its PowerShell segments Jan 12, 2018 By [Jeff White](https://www.paloaltonetworks.com/blog/author/jeff-white/?ts=markdown "Posts by Jeff White") *** ** * ** *** [![Analyzing the Various Layers of AgentTesla’s Packing](https://www.paloaltonetworks.com.au/blog/wp-content/uploads/2016/09/unit42-web-banner-650x300.jpg)](https://www.paloaltonetworks.com.au/blog/2017/09/unit42-analyzing-various-layers-agentteslas-packing/) ## [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown) ### [Analyzing the Various Layers of AgentTesla's Packing](https://www.paloaltonetworks.com.au/blog/2017/09/unit42-analyzing-various-layers-agentteslas-packing/) Palo Alto Networks Unit 42 analyzes the layers of AgentTesla's Packing. Sep 25, 2017 By [Jeff White](https://www.paloaltonetworks.com/blog/author/jeff-white/?ts=markdown "Posts by Jeff White") *** ** * ** *** Load more *** ** * ** *** Blogs by Jeff White Sort By: Popular Popular Recent *** ** * ** *** [](https://www.paloaltonetworks.com.au/blog/2016/09/labyrenth-capture-the-flag-ctf-threat-track-solutions/) ## [Events](https://www.paloaltonetworks.com/blog/category/events/?ts=markdown) ### [LabyREnth Capture the Flag (CTF): Threat Track Solutions](https://www.paloaltonetworks.com.au/blog/2016/09/labyrenth-capture-the-flag-ctf-threat-track-solutions/) Welcome back to our blog series where we reveal the solutions to LabyREnth, the Unit 42 Capture the Flag (CTF) challenge. We'll be revealing the solutions to one challenge track per week. Next up, the ... Sep 01, 2016 By [Richard Wartell](https://www.paloaltonetworks.com/blog/author/richard-wartell/?ts=markdown "Posts by Richard Wartell"), [Micah Yates](https://www.paloaltonetworks.com/blog/author/micah-yates/?ts=markdown "Posts by Micah Yates"), [Jeff White](https://www.paloaltonetworks.com/blog/author/jeff-white/?ts=markdown "Posts by Jeff White"), [Josh Grunzweig](https://www.paloaltonetworks.com/blog/author/josh-grunzweig/?ts=markdown "Posts by Josh Grunzweig") and [Anthony Kasza](https://www.paloaltonetworks.com/blog/author/anthony-kasza/?ts=markdown "Posts by Anthony Kasza") *** ** * ** *** [](https://www.paloaltonetworks.com.au/blog/2016/09/labyrenth-capture-the-flag-ctf-windows-track-1-6-solutions/) ## [Events](https://www.paloaltonetworks.com/blog/category/events/?ts=markdown) ### [LabyREnth Capture the Flag (CTF): Windows Track 1-6 Solutions](https://www.paloaltonetworks.com.au/blog/2016/09/labyrenth-capture-the-flag-ctf-windows-track-1-6-solutions/) Welcome back to our blog series where we reveal the solutions to LabyREnth, the Unit 42 Capture the Flag (CTF) challenge. We'll be revealing the solutions to one challenge track per week. Next up, the Windows track challenges ... Sep 15, 2016 By [Richard Wartell](https://www.paloaltonetworks.com/blog/author/richard-wartell/?ts=markdown "Posts by Richard Wartell"), [Tyler Halfpop](https://www.paloaltonetworks.com/blog/author/tyler-halfpop/?ts=markdown "Posts by Tyler Halfpop"), [Josh Grunzweig](https://www.paloaltonetworks.com/blog/author/josh-grunzweig/?ts=markdown "Posts by Josh Grunzweig"), [Jeff White](https://www.paloaltonetworks.com/blog/author/jeff-white/?ts=markdown "Posts by Jeff White") and [Jacob Soo](https://www.paloaltonetworks.com/blog/author/jacob-soo/?ts=markdown "Posts by Jacob Soo") *** ** * ** *** [![Ransomware as a Service: Defend by Reinvesting in the Fundamentals](https://www.paloaltonetworks.com.au/blog/wp-content/uploads/2021/10/In-All-Seriousness.jpg)](https://www.paloaltonetworks.com.au/blog/2021/10/raas-defense-in-depth/) ## [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown) ### [Ransomware as a Service: Defend by Reinvesting in the Fundamentals](https://www.paloaltonetworks.com.au/blog/2021/10/raas-defense-in-depth/) Defense in depth and reinvesting in the fundamentals of cybersecurity are a powerful strategy for thwarting the ransomware-as-a-service model. Oct 12, 2021 By [Jeff White](https://www.paloaltonetworks.com/blog/author/jeff-white/?ts=markdown "Posts by Jeff White") *** ** * ** *** [![LabyREnth Capture the Flag (CTF): Mobile Track Solutions](https://www.paloaltonetworks.com.au/blog/wp-content/uploads/2016/09/blog-web-banner-650x300.jpg)](https://www.paloaltonetworks.com.au/blog/2016/09/unit42-labyrenth-capture-the-flag-ctf-mobile-track-solutions/) ## [Events](https://www.paloaltonetworks.com/blog/category/events/?ts=markdown) ### [LabyREnth Capture the Flag (CTF): Mobile Track Solutions](https://www.paloaltonetworks.com.au/blog/2016/09/unit42-labyrenth-capture-the-flag-ctf-mobile-track-solutions/) Welcome back to our blog series where we reveal the solutions to LabyREnth, the Unit 42 Capture the Flag (CTF) challenge. We'll be revealing the solutions to one challenge track per week. Next up, the Mobile track. Mobile ... Sep 29, 2016 By [Richard Wartell](https://www.paloaltonetworks.com/blog/author/richard-wartell/?ts=markdown "Posts by Richard Wartell"), [Jeff White](https://www.paloaltonetworks.com/blog/author/jeff-white/?ts=markdown "Posts by Jeff White"), [Tyler Halfpop](https://www.paloaltonetworks.com/blog/author/tyler-halfpop/?ts=markdown "Posts by Tyler Halfpop"), [Juan Cortes](https://www.paloaltonetworks.com/blog/author/juan-cortes/?ts=markdown "Posts by Juan Cortes") and [Josh Grunzweig](https://www.paloaltonetworks.com/blog/author/josh-grunzweig/?ts=markdown "Posts by Josh Grunzweig") *** ** * ** *** [](https://www.paloaltonetworks.com.au/blog/2016/08/labyrenth-capture-the-flag-ctf-document-track-solutions/) ## [Events](https://www.paloaltonetworks.com/blog/category/events/?ts=markdown) ### [LabyREnth Capture the Flag (CTF): Document Track Solutions](https://www.paloaltonetworks.com.au/blog/2016/08/labyrenth-capture-the-flag-ctf-document-track-solutions/) Thanks to the incredibly talented community of threat researchers that participated in LabyREnth, the Unit 42 Capture the Flag (CTF) challenge. Now that the challenge is closed, we can finally reveal the ... Aug 18, 2016 By [Richard Wartell](https://www.paloaltonetworks.com/blog/author/richard-wartell/?ts=markdown "Posts by Richard Wartell"), [Tyler Halfpop](https://www.paloaltonetworks.com/blog/author/tyler-halfpop/?ts=markdown "Posts by Tyler Halfpop") and [Jeff White](https://www.paloaltonetworks.com/blog/author/jeff-white/?ts=markdown "Posts by Jeff White") *** ** * ** *** Load more {#footer} {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2026 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language