You might be interested in …

[SANS ISC] “aa” distribution Qakbot (Qbot) infection with DarkVNC traffic, (Wed, Apr 20th)

All posts, Sans-ISC

Chain of Events Email –> link –> downloaded zip archive –> extracted Excel file –> enable macros –> HTTPS traffic for Qakbot DLL files –> Qakbot C2 activity –> DarkVNC traffic Images Shown above:  Link from an email distributing Qakbot (“aa” distribution tag) in a web browser. Shown above:  Downloaded zip archive and extracted spreadsheet. […]

Read More

[SANS ISC] ISC Stormcast For Tuesday, August 3rd, 2021 https://isc.sans.edu/podcastdetail.html?id=7612, (Tue, Aug 3rd)

All posts, Sans-ISC

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. Source: Read More (SANS Internet Storm Center, InfoCON: green)

Read More

[ThreatPost] 2021 Attacker Dwell Time Trends and Best Defenses

All posts, ThreatPost

The time that attackers stay hidden inside an organization’s networks is shifting, putting pressure on defenders and upping the need to detect and respond to threats in real-time. Source: Read More (Threatpost)

Read More

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.