[Pinned] LAPSUS$ TTPs: LAPSUS$ TTPs & MITRE ATT&CK Mapping (Mar 31, 2022)
[Pinned] Cobalt Strike PowerShell Payload Analysis: I have spotted this interesting tweet from Malwar3Ninja and decided to take a look and analyse the Cobalt Strike PowerShell payload. (Sep 1, 2021)
[Pinned] Cobalt Strike Hunting — DLL Hijacking/Attack Analysis: DLL Hijacking via Cobalt Strike (Aug 17, 2021)
[Pinned] Cobalt Strike Hunting — Malleable C2 jQuery profile & rundll32 Analysis: Malleable C2 — jQuery profiles. (Aug 5, 2021)
[Pinned] Cobalt Strike Hunting — simple PCAP and Beacon Analysis: Legit healthcare company. (Jul 21, 2021)
Published in Detect FYI. Hunting Malicious Infrastructure - Headers and Hardcoded/Static Strings: In my last blog Hunting Malicious Infrastructure using JARM and HTTP Response (Dec 5, 2023)
Threat Intel - Pivoting using Censys: Hunting malicious infrastructure: Muddy Water Cyberespionage Threat Actor from Iran 🇮🇷 (Nov 5, 2023)
APT 29 Initial Access Killchain - MITRE ATT&CK Mapping: APT29/Nobelium Initial Access & ATT&CK Mapping (May 23, 2023)
Published in Detect FYI. Hunting Malicious Infrastructure using JARM and HTTP Response: Hunting QBot C2 and Brute Ratel C4 Infrastructure (May 16, 2023)