In this episode, we discuss Cloudflare IP's being banned in Austria due to overzealous Copyright enforcement, how attackers are moving off of Cobalt Strike as it's getting too well known, and finally Stego! Yes, that's right, all of that CTF experience in stegonagraphy will finally come in handy! Attackers were spotted downloading malware hidden in the cert of a JPG.
Article 1 - Pirate sites ban in Austria took down Cloudflare CDNs by mistake
Supporting Links:
How content delivery networks (CDNs) work
Wahrnehmung von Leistungsschutzrechten GmbH - Informationen
Article 2 - Cybercrime Groups Increasingly Adopting Sliver Command-and-Control Framework
Supporting Links:
A How-To Guide for Using Sliver
Article 3 - James Webb telescope images used to hide malware
Supporting Links:
How to monitor/detect Microsoft Office macro execution?
Command line process auditing
If you found this interesting or useful, please follow us on Twitter @serengetisec and subscribe and review on your favorite podcast app!
Our episode last week went so long, we split it into two. We continue the conversation this week discussing a study showing that simulated...
In this episode, we discuss a Kill Chain-like model for Social Engineering attacks. We were going to do two articles, but we went deep. ...
A security analytics platform is usually central to many companies security monitoring strategy. Forrester released a new Wave that discusses the current landscape and...