Chris Navarrete, Author at Unit 42

Conducting Robust Learning for Empire Command and Control Detection

1,964

people reacted

Conducting Robust Learning for Empire Command and Control Detection

By Qian Feng, Chris Navarrete, Yanhui Jia, Yu Fu, Iris Dai, Nina Smith and Brad Duncan
November 1, 2023 at 3:00 AM

14

10 min. read

A pictorial representation of Cobalt Strike case studies using Malleable C2 profiles. The Palo Alto Networks and Unit 42 logos.

18,315

people reacted

Detecting Popular Cobalt Strike Malleable C2 Profile Techniques

By Durgesh Sangvikar, Matthew Tennis, Chris Navarrete, Yanhui Jia, Yu Fu and Nina Smith
June 27, 2023 at 3:00 PM

18

6 min. read

A pictorial representation of malicious email like LokiBot where a stylized bug pops out of an envelope

61,669

people reacted

Spike in LokiBot Activity During Final Week of 2022

By Chris Navarrete, Edouard Bochin, Durgesh Sangvikar, Lei Xu and Yu Fu
March 3, 2023 at 6:00 AM

18

8 min. read

Malware conceptual image, covering topics such as Cobalt Strike Team Server, which can be abused by malware authors for malicious purposes

72,691

people reacted

Cobalt Strike Analysis and Tutorial: Identifying Beacon Team Servers in the Wild

By Durgesh Sangvikar, Chris Navarrete, Matthew Tennis, Yanhui Jia, Yu Fu and Siddhart Shibiraj
November 3, 2022 at 6:00 AM

26

9 min. read

A conceptual image representing malware and its evasions.

51,490

people reacted

Cobalt Strike Analysis and Tutorial: CS Metadata Encryption and Decryption

By Chris Navarrete, Durgesh Sangvikar, Yu Fu, Yanhui Jia and Siddhart Shibiraj
July 13, 2022 at 6:00 AM

31

9 min. read

A conceptual image that represents malware, including the malicious uses of Cobalt Strike and its metadata encoding algorithm covered here.

40,902

people reacted

Cobalt Strike Analysis and Tutorial: CS Metadata Encoding and Decoding

By Chris Navarrete, Durgesh Sangvikar, Yu Fu, Yanhui Jia and Siddhart Shibiraj
May 6, 2022 at 12:00 PM

11

9 min. read

Cobalt Strike Analysis and Tutorial: How Malleable C2 Profiles Make Cobalt Strike Difficult to Detect

79,381

people reacted

Cobalt Strike Analysis and Tutorial: How Malleable C2 Profiles Make Cobalt Strike Difficult to Detect

By Chris Navarrete, Durgesh Sangvikar, Andrew Guan, Yu Fu, Yanhui Jia and Siddhart Shibiraj
March 16, 2022 at 3:00 PM

20

9 min. read

A conceptual image representing the concept of malware, such as that covered in this case study of Emotet Command and Control traffic.

41,349

people reacted

Emotet Command and Control Case Study

By Chris Navarrete and Yanhui Jia
April 9, 2021 at 12:00 PM

13

9 min. read

A conceptual image representing malware, such as Emotet, discussed in this blog.

29,995

people reacted

Attack Chain Overview: Emotet in December 2020 and January 2021

By Chris Navarrete, Yanhui Jia, Matthew Tennis, Durgesh Sangvikar and Rongbo Shao
March 8, 2021 at 6:00 AM

19

11 min. read

This conceptual image illustrates the idea of malware, such as the njRAT spreading through active Pastebin command and control tunnel that is discussed in this blog.

41,867

people reacted

njRAT Spreading Through Active Pastebin Command and Control Tunnel

By Yanhui Jia, Chris Navarrete and Haozhe Zhang
December 9, 2020 at 6:00 AM

22

6 min. read

90,624

people reacted

Lucifer: New Cryptojacking and DDoS Hybrid Malware Exploiting High and Critical Vulnerabilities to Infect Windows Devices

By Ken Hsu, Durgesh Sangvikar, Zhibin Zhang and Chris Navarrete
June 24, 2020 at 6:00 AM

39

13 min. read