COBALT STRIKE |
2022-06-30 | Brad Duncan | Case Study: Cobalt Strike Server Lives on After Its Domain Is Suspended |
2022-06-17 | Brad Duncan | Malspam pushes Matanbuchus malware, leads to Cobalt Strike |
2022-05-19 | Brad Duncan | Bumblebee Malware from TransferXL URLs |
2022-03-16 | Brad Duncan | Qakbot infection with Cobalt Strike and VNC activity |
2022-02-09 | Brad Duncan | Example of Cobalt Strike from Emotet infection |
2021-12-16 | Brad Duncan | How the "Contact Forms" campaign tricks people |
2021-09-15 | Brad Duncan | Hancitor campaign abusing Microsoft's OneDrive |
2021-08-11 | Brad Duncan | TA551 (Shathak) continues pushing BazarLoader, infections lead to Cobalt Strike |
2021-07-09 | Brad Duncan | Hancitor tries XLL as initial malware file |
2021-06-30 | Brad Duncan | June 2021 Forensic Contest: Answers and Analysis |
2021-03-03 | Brad Duncan | Qakbot infection with Cobalt Strike |
2021-02-03 | Brad Duncan | Excel spreadsheets push SystemBC malware |
2019-11-20 | Brad Duncan | Hancitor infection with Pony, Evil Pony, Ursnif, and Cobalt Strike |
COBALT |
2022-06-30 | Brad Duncan | Case Study: Cobalt Strike Server Lives on After Its Domain Is Suspended |
2022-06-17 | Brad Duncan | Malspam pushes Matanbuchus malware, leads to Cobalt Strike |
2022-05-19 | Brad Duncan | Bumblebee Malware from TransferXL URLs |
2022-03-16 | Brad Duncan | Qakbot infection with Cobalt Strike and VNC activity |
2022-02-09 | Brad Duncan | Example of Cobalt Strike from Emotet infection |
2022-01-09 | Didier Stevens | Extracting Cobalt Strike Beacons from MSBuild Scripts |
2021-12-16 | Brad Duncan | How the "Contact Forms" campaign tricks people |
2021-11-07 | Didier Stevens | Video: Decrypting Cobalt Strike Traffic With Keys Extracted From Process Memory |
2021-11-06 | Didier Stevens | Decrypting Cobalt Strike Traffic With Keys Extracted From Process Memory |
2021-10-25 | Didier Stevens | Decrypting Cobalt Strike Traffic With a "Leaked" Private Key |
2021-09-15 | Brad Duncan | Hancitor campaign abusing Microsoft's OneDrive |
2021-08-11 | Brad Duncan | TA551 (Shathak) continues pushing BazarLoader, infections lead to Cobalt Strike |
2021-07-09 | Brad Duncan | Hancitor tries XLL as initial malware file |
2021-06-30 | Brad Duncan | June 2021 Forensic Contest: Answers and Analysis |
2021-05-30 | Didier Stevens | Video: Cobalt Strike & DNS - Part 1 |
2021-03-15 | Didier Stevens | Finding Metasploit & Cobalt Strike URLs |
2021-03-03 | Brad Duncan | Qakbot infection with Cobalt Strike |
2021-02-14 | Didier Stevens | Video: tshark & Malware Analysis |
2021-02-03 | Brad Duncan | Excel spreadsheets push SystemBC malware |
2021-01-13 | Brad Duncan | Hancitor activity resumes after a hoilday break |
2020-11-23 | Didier Stevens | Quick Tip: Cobalt Strike Beacon Analysis |
2019-11-20 | Brad Duncan | Hancitor infection with Pony, Evil Pony, Ursnif, and Cobalt Strike |
STRIKE |
2022-06-30 | Brad Duncan | Case Study: Cobalt Strike Server Lives on After Its Domain Is Suspended |
2022-06-17 | Brad Duncan | Malspam pushes Matanbuchus malware, leads to Cobalt Strike |
2022-05-19 | Brad Duncan | Bumblebee Malware from TransferXL URLs |
2022-03-16 | Brad Duncan | Qakbot infection with Cobalt Strike and VNC activity |
2022-02-09 | Brad Duncan | Example of Cobalt Strike from Emotet infection |
2022-01-09 | Didier Stevens | Extracting Cobalt Strike Beacons from MSBuild Scripts |
2021-12-16 | Brad Duncan | How the "Contact Forms" campaign tricks people |
2021-11-07 | Didier Stevens | Video: Decrypting Cobalt Strike Traffic With Keys Extracted From Process Memory |
2021-11-06 | Didier Stevens | Decrypting Cobalt Strike Traffic With Keys Extracted From Process Memory |
2021-10-25 | Didier Stevens | Decrypting Cobalt Strike Traffic With a "Leaked" Private Key |
2021-09-15 | Brad Duncan | Hancitor campaign abusing Microsoft's OneDrive |
2021-08-11 | Brad Duncan | TA551 (Shathak) continues pushing BazarLoader, infections lead to Cobalt Strike |
2021-07-09 | Brad Duncan | Hancitor tries XLL as initial malware file |
2021-06-30 | Brad Duncan | June 2021 Forensic Contest: Answers and Analysis |
2021-05-30 | Didier Stevens | Video: Cobalt Strike & DNS - Part 1 |
2021-03-15 | Didier Stevens | Finding Metasploit & Cobalt Strike URLs |
2021-03-03 | Brad Duncan | Qakbot infection with Cobalt Strike |
2021-02-14 | Didier Stevens | Video: tshark & Malware Analysis |
2021-02-03 | Brad Duncan | Excel spreadsheets push SystemBC malware |
2021-01-13 | Brad Duncan | Hancitor activity resumes after a hoilday break |
2020-11-23 | Didier Stevens | Quick Tip: Cobalt Strike Beacon Analysis |
2019-11-20 | Brad Duncan | Hancitor infection with Pony, Evil Pony, Ursnif, and Cobalt Strike |