In previous report on Cobalt Strike focused on the most frequently used capabilities that observed. In this report, we will focus on the network traffic it produced, and provide some easy wins defenders can be on the look out for to detect beaconing activity. We cover topics such as domain fronting, …
Read More »
Intro In our research, we expose adversarial Tactics, Techniques and Procedures (TTPs) as well as the tools they use to execute their mission objectives. In most of our cases, we see the threat actors utilizing Cobalt Strike. Therefore, defenders should know how to detect Cobalt Strike in various stages of …
Read More »
حتی اگر مدت کوتاهی است که پا به عرصه شبکه و مدیریت سرورها گذاشته اید، حتماً به بررسی کنترل های امنیتی بر خورده اید. اما چه کسانی، چه زمانی و چگونه از دسترسی هایشان استفاده کرده اند یا قصد دسترسی بدون اجازه به منابع دیگران را داشته اند ؟ اگر …
Read More »