Source |
CISCO Talos |
Identifiant |
1930313 |
Date de publication |
2020-09-20 21:01:02 (vue: 2020-09-21 14:05:15) |
Titre |
New Snort, ClamAV coverage strikes back against Cobalt Strike |
Texte |
By Nick Mavis. Editing by Joe Marshall and Jon Munshaw.
Cisco Talos is releasing a new research paper called “The Art and Science of Detecting Cobalt Strike.”
We recently released a more granular set of updated SNORTⓇ and ClamAVⓇ detection signatures to detect attempted obfuscation and exfiltration of data via Cobalt Strike, a common toolkit often used by adversaries.
Cobalt Strike is a “paid software platform for adversary simulations and red team operations.” It is used by professional...
[[ This is only the beginning! Please visit the blog for the complete entry ]] |
Envoyé |
Oui |
Condensat |
adversaries adversary against art attempted back beginning blog called cisco clamav clamavⓡ cobalt common complete coverage data detect detecting detection editing entry exfiltration granular joe jon marshall mavis more munshaw new nick obfuscation often only operations paper platform please professional recently red released releasing research science set signatures simulations snort snortⓡ software strike strikes talos team toolkit updated used visit “paid “the |
Tags |
|
Stories |
|
Notes |
|
Move |
|