In this episode, we discuss Cloudflare IP's being banned in Austria due to overzealous Copyright enforcement, how attackers are moving off of Cobalt Strike as it's getting too well known, and finally Stego! Yes, that's right, all of that CTF experience in stegonagraphy will finally come in handy! Attackers were spotted downloading malware hidden in the cert of a JPG.
Article 1 - Pirate sites ban in Austria took down Cloudflare CDNs by mistake
Supporting Links:
How content delivery networks (CDNs) work
Wahrnehmung von Leistungsschutzrechten GmbH - Informationen
Article 2 - Cybercrime Groups Increasingly Adopting Sliver Command-and-Control Framework
Supporting Links:
A How-To Guide for Using Sliver
Article 3 - James Webb telescope images used to hide malware
Supporting Links:
How to monitor/detect Microsoft Office macro execution?
Command line process auditing
If you found this interesting or useful, please follow us on Twitter @serengetisec and subscribe and review on your favorite podcast app!
In this episode, we take a deep dive into the new Mandiant sponsored Ponemon Institute report "The Second Annual Study on the Economics of...
This week we discussed XDR. What is it? How much of it is marketing speak? How much should you care? Here are some links...
In this episode, we continue our conversation with Tyler who works with AI and ML. We talk a bit about how attackers may use...
