Understanding DNS Tunneling Traffic in the Wild | By Ruian Duan and Daiping Liu | October 13, 2023 at 4:00 PM | 11 min. read
Persistent Attempts at Cyberespionage Against Southeast Asian Government Target Have Links to Alloy Taurus | By Lior Rochberger, Tom Fakterman and Robert Falcone | September 22, 2023 at 6:02 AM | 13 min. read
Unit 42 Researchers Discover Multiple Espionage Operations Targeting Southeast Asian Government | By Lior Rochberger, Tom Fakterman and Robert Falcone | September 22, 2023 at 6:00 AM | 6 min. read
Detecting Popular Cobalt Strike Malleable C2 Profile Techniques | By Durgesh Sangvikar, Matthew Tennis, Chris Navarrete, Yanhui Jia, Yu Fu and Nina Smith | June 27, 2023 at 3:00 PM | 6 min. read
Blowing Cobalt Strike Out of the Water With Memory Analysis | By Dominik Reichel, Esmid Idrizovic and Bob Jung | December 2, 2022 at 6:00 AM | 15 min. read
Cobalt Strike Analysis and Tutorial: Identifying Beacon Team Servers in the Wild | By Durgesh Sangvikar, Chris Navarrete, Matthew Tennis, Yanhui Jia, Yu Fu and Siddhart Shibiraj | November 3, 2022 at 6:00 AM | 9 min. read
Flight of the Bumblebee: Email Lures and File Sharing Services Lead to Malware | By Brad Duncan | August 3, 2022 at 12:00 PM | 8 min. read
Russian APT29 Hackers Use Online Storage Services, DropBox and Google Drive | By Mike Harbison and Peter Renals | July 19, 2022 at 3:00 AM | 15 min. read
Cobalt Strike Analysis and Tutorial: CS Metadata Encryption and Decryption | By Chris Navarrete, Durgesh Sangvikar, Yu Fu, Yanhui Jia and Siddhart Shibiraj | July 13, 2022 at 6:00 AM | 9 min. read
Cobalt Strike Analysis and Tutorial: CS Metadata Encoding and Decoding | By Chris Navarrete, Durgesh Sangvikar, Yu Fu, Yanhui Jia and Siddhart Shibiraj | May 6, 2022 at 12:00 PM | 9 min. read
Cobalt Strike Analysis and Tutorial: How Malleable C2 Profiles Make Cobalt Strike Difficult to Detect | By Chris Navarrete, Durgesh Sangvikar, Andrew Guan, Yu Fu, Yanhui Jia and Siddhart Shibiraj | March 16, 2022 at 3:00 PM | 9 min. read
Case Study: From BazarLoader to Network Reconnaissance | By Brad Duncan | October 18, 2021 at 6:00 AM | 7 min. read
Wireshark Tutorial: Examining Traffic from Hancitor Infections | By Brad Duncan | April 7, 2021 at 6:00 AM | 20 min. read
Hancitor’s Use of Cobalt Strike and a Noisy Network Ping Tool | By Brad Duncan | April 1, 2021 at 12:00 PM | 11 min. read