C2 Archives - Unit 42

A pictorial representation of Stately Taurus. The head of a bull inset on a red circle. The constellation of taurus. These elements are surrounded by a starry night sky.

205

people reacted

南太平洋で緊張が高まるなか Stately Taurus がフィリピンを標的に

By Unit 42
November 17, 2023 at 3:00 AM

2

3 min. read

PowerShell Empire フレームワークによる C2 検出のための ML (機械学習) ベースの堅牢な学習システムのトレーニング

104

people reacted

PowerShell Empire フレームワークによる C2 検出のための ML (機械学習) ベースの堅牢な学習システムのトレーニング

By Qian Feng, Chris Navarrete, Yanhui Jia, Yu Fu, Iris Dai, Nina Smith and Brad Duncan
November 5, 2023 at 11:26 PM

0

4 min. read

Malware conceptual image, covering topics such as Cobalt Strike Team Server, which can be abused by malware authors for malicious purposes

3,285

people reacted

Cobalt Strike解析&チュートリアル: 野生(in the wild)のCobalt Strike Beacon Team Serverの識別

By Durgesh Sangvikar, Chris Navarrete, Matthew Tennis, Yanhui Jia, Yu Fu and Siddhart Shibiraj
November 8, 2022 at 6:15 PM

0

3 min. read

A conceptual image representing malware and its evasions.

3,821

people reacted

Cobalt Strike解析&チュートリアル: Cobalt Strikeによるメタデータの暗号化と復号

By Chris Navarrete, Durgesh Sangvikar, Yu Fu, Yanhui Jia and Siddhart Shibiraj
July 13, 2022 at 7:40 PM

0

3 min. read

A conceptual image representing malware, such as Popping Eagle.

2,825

people reacted

Popping Eagle: グローバルな統計的分析を高度な脅威アクターの発見に活かす方法

By Yuval Zan and Chen Evgi
June 6, 2022 at 1:14 AM

0

5 min. read

A conceptual image that represents malware, including the malicious uses of Cobalt Strike and its metadata encoding algorithm covered here.

3,231

people reacted

Cobalt Strike解析&チュートリアル: Cobalt Strikeによるメタデータのエンコードとデコード

By Chris Navarrete, Durgesh Sangvikar, Yu Fu, Yanhui Jia and Siddhart Shibiraj
May 8, 2022 at 11:18 PM

0

4 min. read

A conceptual image representing malware, such as the SolarMarker campaign discussed here.

3,153

people reacted

SolarMarker (Jupyter)の新たなキャンペーンで示された攻撃パターンの変化

By Shimi Cohen, Inbal Shalev and Irena Damsky
April 11, 2022 at 1:24 AM

11

3 min. read

Cobalt Strike解析&チュートリアル: Malleable C2プロファイルでCobalt Strike検出が難しくなる理由

4,930

people reacted

Cobalt Strike解析&チュートリアル: Malleable C2プロファイルでCobalt Strike検出が難しくなる理由

By Yanhui Jia, Durgesh Sangvikar, Siddhart Shibiraj, Chris Navarrete, Yu Fu and Andrew Guan
March 16, 2022 at 3:00 PM

1

4 min. read

We describe a proactive detector for DNS Security that can identify malicious domains based on their registration records and other indicators.

5,082

people reacted

DNSセキュリティで悪意のあるドメインをプロアクティブに検出・防止する

By Zhanhao Chen and Daiping Liu
May 4, 2021 at 6:00 AM

3

2 min. read

A conceptual image representing the concept of malware, such as that covered in this case study of Emotet Command and Control traffic.

3,617

people reacted

Emotetのコマンド&コントロールのケーススタディ

By Chris Navarrete and Yanhui Jia
April 13, 2021 at 12:42 AM

1

3 min. read

A conceptual image representing malware, such as Emotet, discussed in this blog.

3,420

people reacted

攻撃チェーンの概要: 2020年12月および2021年1月のEmotet

By Chris Navarrete, Yanhui Jia, Matthew Tennis, Durgesh Sangvikar and Rongbo Shao
March 14, 2021 at 5:35 PM

1

4 min. read

This conceptual image illustrates the idea of malware, such as the njRAT spreading through active Pastebin command and control tunnel that is discussed in this blog.

4,466

people reacted

稼働中のPastebinによるコマンド&コントロールトンネルを介しnjRATが拡散

By Yanhui Jia, Chris Navarrete and Haozhe Zhang
December 9, 2020 at 6:00 AM

0

3 min. read

A conceptual image illustrating the concept of espionage, including the type of stealthy activity using backdoors that threat researchers observed the xHunt campaign using.

3,924

people reacted

xHuntキャンペーン: 新たに発見されたバックドアが削除された電子メールドラフトとコマンド&コントロール用のDNSトンネリングを使用

By Robert Falcone
November 9, 2020 at 12:00 AM

1

3 min. read

プリンスオブペルシャ – ゲームオーバー

By Simon Conant and Lior Efraim
June 28, 2016 at 3:00 PM

0

4 min. read