Case Study: a global business process outsourcing company thwarts a sophisticated Muddled Libra cyberattack with Palo Alto Networks Unit 42

a global business process outsourcing company identifies and contains a Muddled Libra attack in 4 days with Palo Alto Networks

A global business process outsourcing company faced a sophisticated cyberattack from the Muddled Libra threat actor, who executed five distinct attacks over one week using social engineering and exploitation of the company's own security tools. Palo Alto Networks, through its Unit 42 Incident Response team, was engaged to investigate, contain, and remediate the multiphase intrusion.

The solution involved Palo Alto Networks’ Unit 42 assessing, investigating, and securing the environment across each attack wave, actions which included isolating systems, hardening firewalls, and reconstructing Active Directory. As a result, the threat actor was fully evicted within four days. Notably, Cortex XDR blocked a subsequent brute force attack in 16 minutes, and the Unit 42 team leveraged the investigation to identify new threat actor techniques in under one day, enabling faster future containment.