CUCKOO SPEAR Part 1: Analyzing #NOOPDOOR from an #IR Perspective

This Threat Analysis Report will delve into a newly discovered nation-state level threat Campaign tracked by Cybereason as #Cuckoo Spear. It will outline how the associated Threat Actor persists stealthily on their victims' network for years, highlighting strategies used across Cuckoo Spear and how defenders can detect and prevent these attacks. In this report, Cybereason confirms the ties between Cuckoo Spear and #APT10 Intrusion Set by tying multiple incidents together and disclosing new information about this group’s new arsenal and techniques.
Devon Ackerman's post
Most relevant posts
-
Sadly, botnets wasn't a cool 80s kids TV show. Instead, they're a massive headache for MSSPs, being used to launch a variety of attacks, from data breaches to DDoS attacks. To battle them off, MSSPs will need to use multiple attack paths. EDR is essential for identifying botnets, and threat intelligence can help to prevent their attacks. Network segmentation can also limit the damage caused by botnets. It's a slugfest, but all's fair in love and cyberwar: https://bit.ly/3TbqyjO #Botnets #EDR #Cyberattack #MSSP
-
In 2023, CrowdStrike Counter Adversary Operations observed well-known malware families updating and improving their evasion tactics. Take a closer look and learn more about five threat actor families that have been disrupting the LATAM market and beyond. https://lnkd.in/eSTq29fM
LATAM Malware Variants - 2023 Technical Updates | CrowdStrike
-
In 2023, CrowdStrike Counter Adversary Operations observed well-known malware families updating and improving their evasion tactics. Take a closer look and learn more about five threat actor families that have been disrupting the LATAM market and beyond. https://lnkd.in/e9YX-YpQ
LATAM Malware Variants - 2023 Technical Updates | CrowdStrike
-
In 2023, CrowdStrike Counter Adversary Operations observed well-known malware families updating and improving their evasion tactics. Take a closer look and learn more about five threat actor families that have been disrupting the LATAM market and beyond. https://lnkd.in/eyps36uj
LATAM Malware Variants - 2023 Technical Updates | CrowdStrike
-
In 2023, CrowdStrike Counter Adversary Operations observed well-known malware families updating and improving their evasion tactics. Take a closer look and learn more about five threat actor families that have been disrupting the LATAM market and beyond. https://lnkd.in/eVfpj2xD
LATAM Malware Variants - 2023 Technical Updates | CrowdStrike
-
Fasoo: Your critical information assets can be just as vulnerable as they are valuable. Be proactive and prevent insider leaks with Fasoo Enterprise DRM to save your organization from costly consequences. To learn more about effective prevention of insider threats, >> visit https://lnkd.in/eF2y_CG5 >> follow @fasoo_global on Instagram #insiderthreat #datasecurity #databreach #dataprotection #dataleak #Fasoo
-
Hey folks! In this free one-hour Black Hills Information Security (BHIS) webcast, Corey Ham will share his knowledge and experience gained from leading the continuous penetration testing (CPT) team at BHIS.
Thursday, February 1st - 1:00 PM EST (UTC -5)
Register: https://lnkd.in/eaXQk2yp
He'll talk about what N-days are, why they matter, and then outline a process to discover and exploit N-days against a corporate target.
Defenders, learn from the attackers. Red Teamers, learn from your peers. Tools used will include Shodan, Nuclei, and many others. Show up early for pre-show banter!
Discovering and Exploiting N-Days w/ Corey Ham
events.zoom.us
-
Your critical information assets can be just as vulnerable as they are valuable. Be proactive and prevent insider leaks with Fasoo Enterprise DRM to save your organization from costly consequences. To learn more about effective prevention of insider threats, >> visit https://lnkd.in/eF2y_CG5 >> follow @fasoo_global on Instagram #insiderthreat #datasecurity #databreach #dataprotection #dataleak #Fasoo
Global #DFIR Services Leader | Threats, Trends and Tactics Speaker | Author | Board Advisor
1 month ago: Kotaro O. Jin Ito Loïc Castel