In previous report on Cobalt Strike focused on the most frequently used capabilities that observed. In this report, we will focus on the network traffic it produced, and provide some easy wins defenders can be on the look out for to detect beaconing activity. We cover topics such as domain fronting, …
Read More »Cobalt Strike Defense Guide
Intro In our research, we expose adversarial Tactics, Techniques and Procedures (TTPs) as well as the tools they use to execute their mission objectives. In most of our cases, we see the threat actors utilizing Cobalt Strike. Therefore, defenders should know how to detect Cobalt Strike in various stages of …
Read More »Windows Server 2008: Auditing Active Directory
حتی اگر مدت کوتاهی است که پا به عرصه شبکه و مدیریت سرورها گذاشته اید، حتماً به بررسی کنترل های امنیتی بر خورده اید. اما چه کسانی، چه زمانی و چگونه از دسترسی هایشان استفاده کرده اند یا قصد دسترسی بدون اجازه به منابع دیگران را داشته اند ؟ اگر …
Read More »