Cobalt Strike Archives - Unit 42

A pictorial representation of DNS tunneling.

4,978

people reacted

最近観測されている DNS トンネリングのトラフィック

By Ruian Duan and Daiping Liu
October 16, 2023 at 1:38 AM

0

4 min. read

A pictorial representation of an adversary such as a cluster linked to Alloy Taurus.

137

people reacted

東南アジア政府への執拗なサイバースパイ活動に Alloy Taurus が関与

By Lior Rochberger, Tom Fakterman and Robert Falcone
September 26, 2023 at 11:00 PM

0

6 min. read

A pictorial representation of an adversary such as the three attack clusters that targeted a Southeast Asian government.

170

people reacted

Unit 42 東南アジア政府を標的とする複数のスパイ活動を発見

By Lior Rochberger, Tom Fakterman and Robert Falcone
September 26, 2023 at 11:00 PM

1

2 min. read

A pictorial representation of Cobalt Strike attacks using Malleable C2 profiles found in the wild, as well as the Palo Alto Networks and Unit 42 logos.

771

people reacted

Cobalt Strike解析&チュートリアル: 人気Cobalt Strike Malleable C2プロファイル技術の検出

By Durgesh Sangvikar, Matthew Tennis, Chris Navarrete, Yanhui Jia, Yu Fu and Nina Smith
June 27, 2023 at 3:00 PM

1

2 min. read

Conceptual image representing evasive malware such as Cobalt Strike

3,976

people reacted

メモリ解析によるCobalt Strikeの撃沈

By Dominik Reichel, Esmid Idrizovic and Bob Jung
December 5, 2022 at 12:02 AM

0

5 min. read

Malware conceptual image, covering topics such as Cobalt Strike Team Server, which can be abused by malware authors for malicious purposes

3,285

people reacted

Cobalt Strike解析&チュートリアル: 野生(in the wild)のCobalt Strike Beacon Team Serverの識別

By Durgesh Sangvikar, Chris Navarrete, Matthew Tennis, Yanhui Jia, Yu Fu and Siddhart Shibiraj
November 8, 2022 at 6:15 PM

0

3 min. read

Conceptual image representing phishing, including the way Bumblebee malware is distributed, as discussed here

3,704

people reacted

Bumblebeeの飛翔: メールのやりとりから始まるファイル共有サービスを悪用したマルウェア感染

By Brad Duncan
August 10, 2022 at 12:37 AM

0

3 min. read

ロシアのAPT29ハッカーがオンラインストレージサービスのDropBoxとGoogle Driveを悪用

3,758

people reacted

ロシアのAPT29ハッカーがオンラインストレージサービスのDropBoxとGoogle Driveを悪用

By Mike Harbison and Peter Renals
July 26, 2022 at 1:34 AM

0

5 min. read

A conceptual image representing malware and its evasions.

3,821

people reacted

Cobalt Strike解析&チュートリアル: Cobalt Strikeによるメタデータの暗号化と復号

By Chris Navarrete, Durgesh Sangvikar, Yu Fu, Yanhui Jia and Siddhart Shibiraj
July 13, 2022 at 7:40 PM

0

3 min. read

A conceptual image that represents malware, including the malicious uses of Cobalt Strike and its metadata encoding algorithm covered here.

3,231

people reacted

Cobalt Strike解析&チュートリアル: Cobalt Strikeによるメタデータのエンコードとデコード

By Chris Navarrete, Durgesh Sangvikar, Yu Fu, Yanhui Jia and Siddhart Shibiraj
May 8, 2022 at 11:18 PM

0

4 min. read

Cobalt Strike解析&チュートリアル: Malleable C2プロファイルでCobalt Strike検出が難しくなる理由

4,930

people reacted

Cobalt Strike解析&チュートリアル: Malleable C2プロファイルでCobalt Strike検出が難しくなる理由

By Yanhui Jia, Durgesh Sangvikar, Siddhart Shibiraj, Chris Navarrete, Yu Fu and Andrew Guan
March 16, 2022 at 3:00 PM

1

4 min. read

A conceptual image representing malware, such as the BazarLoader windows-based malware discussed here.

7,752

people reacted

ケーススタディ: BazarLoaderからネットワーク偵察へ

By Brad Duncan
October 18, 2021 at 6:00 AM

0

3 min. read

Wireshark Tutorial

5,430

people reacted

Wireshark によるパケット解析講座12: Hancitor感染トラフィックの調査

By Brad Duncan
April 9, 2021 at 1:36 AM

1

7 min. read

Malicious email, as depicted here, can be the starting point of a chain of events related to Hancitor infections, which have recently been observed distributing Cobalt Strike and using a noisy network ping tool.

4,016

people reacted

HancitorによるCobalt Strikeとノイズの多いネットワークpingツールの使用

By Brad Duncan
April 2, 2021 at 1:00 AM

4

3 min. read