C2 server – Page 2 – Experimental News Clipping Site

Unit 42: CL-STA-0048: An Espionage Operation Against High-Value Targets in South Asia

Jan 29, 2025

—

by

Source URL: https://unit42.paloaltonetworks.com/?p=138128 Source: Unit 42 Title: CL-STA-0048: An Espionage Operation Against High-Value Targets in South Asia Feedly Summary: A Chinese-linked espionage campaign targeted entities in South Asia using rare techniques like DNS exfiltration, with the aim to steal sensitive data. The post CL-STA-0048: An Espionage Operation Against High-Value Targets in South Asia appeared first…

Cloud Blog: Backscatter: Automated Configuration Extraction

Jan 14, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/backscatter-automated-configuration-extraction/ Source: Cloud Blog Title: Backscatter: Automated Configuration Extraction Feedly Summary: Written by: Josh Triplett Executive Summary Backscatter is a tool developed by the Mandiant FLARE team that aims to automatically extract malware configurations. It relies on static signatures and emulation to extract this information without dynamic execution, bypassing anti-analysis logic present in…

Cloud Blog: (QR) Coding My Way Out of Here: C2 in Browser Isolation Environments

Dec 4, 2024

—

by

system automation

in Uncategorized

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/c2-browser-isolation-environments/ Source: Cloud Blog Title: (QR) Coding My Way Out of Here: C2 in Browser Isolation Environments Feedly Summary: Written by: Thibault Van Geluwe de Berlaere Executive Summary Browser isolation is a security technology where web browsing activity is separated from the user’s local device by running the browser in a secure environment,…

The Register: China’s Volt Typhoon crew and its botnet surge back with a vengeance

Nov 13, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/11/13/china_volt_typhoon_back/ Source: The Register Title: China’s Volt Typhoon crew and its botnet surge back with a vengeance Feedly Summary: Ohm, for flux sake China’s Volt Typhoon crew and its botnet are back, compromising old Cisco routers once again to break into critical infrastructure networks and kick off cyberattacks, according to security researchers.… AI…

Cisco Talos Blog: Writing a BugSleep C2 server and detecting its traffic with Snort

Oct 30, 2024

—

by

system automation

in Uncategorized

Source URL: https://blog.talosintelligence.com/writing-a-bugsleep-c2-server/ Source: Cisco Talos Blog Title: Writing a BugSleep C2 server and detecting its traffic with Snort Feedly Summary: This blog will demonstrate the practice and methodology of reversing BugSleep’s protocol, writing a functional C2 server, and detecting this traffic with Snort. AI Summary and Description: Yes Summary: The text provides an in-depth…

Tag: C2 server

Unit 42: CL-STA-0048: An Espionage Operation Against High-Value Targets in South Asia

Cloud Blog: Backscatter: Automated Configuration Extraction

Cloud Blog: (QR) Coding My Way Out of Here: C2 in Browser Isolation Environments

The Register: China’s Volt Typhoon crew and its botnet surge back with a vengeance

Cisco Talos Blog: Writing a BugSleep C2 server and detecting its traffic with Snort