Command And Control - Tagged - Security Boulevard
Corelight Sensors detect the ChaChi RAT

Corelight Sensors detect the ChaChi RAT

By Paul Dokas, Keith Jones, Anthony Kasza, Yacin Nadji, & Vern Paxson – Corelight Labs Team Recently Blackberry analyzed a new GoLang Remote Access Trojan (RAT) named “ChaChi.” This sample was interesting ...

What Is a Security Operations Center (SOC)?

Data breaches are costing organizations millions of dollars on average. In its 2020 Cost of a Data Breach Report, IBM found that a data breach cost the average organization $3.86 million. This ...

World’s first 100G Zeek sensor

By Sarah Banks, Senior Director of Product Management, Corelight As we finished rolling out Corelight’s v21 software release, which saw the delivery of the world’s first 100G, 1U Zeek sensor, I was ...

Introducing the C2 Collection and RDP inferences

By Vince Stoffer, Senior Director, Product Management, Corelight We’re excited to announce that the Command and Control (C2) Collection is now available with today’s launch of version 21 of the Corelight software ...

C2 detections, RDP insights and NDR at 100G

By John Gamble, Director of Product Marketing, Corelight Today I am excited to announce Corelight’s v21 release, which delivers dozens of powerful C2 detections, extends analyst visibility around RDP connections, and helps ...

How do you know?

By Charles Strauss, Senior Brand Copywriter, Corelight Can you be sure attackers aren’t hiding in your encrypted traffic? Can your investigators go back 18 months ago to find what they need? Do ...
DNS over TLS and DNS over HTTPS

DNS over TLS and DNS over HTTPS

By Jamie Brim, Corelight Security Researcher In this post, we’ll explore DNS over TLS (DoT) and DNS over HTTPS (DoH). DoT and DoH were invented to address privacy concerns associated with cleartext ...
cyberfraud crisis response

Detecting the Impossible: Serverless C2 in the Cloud

There are certain sophisticated threat behaviors that are generally considered “impossible” to detect on the network, which are both tedious and challenging for security teams to protect against. These include the use ...
Security Boulevard
Command and Control Over ICMP: Chronicles of Red Team C2

Command and Control Over ICMP: Chronicles of Red Team C2

Tremendous Red Team related blog post over at Black Hills Infosec, and superbly crafted by Darin Roberts, and detailing How To C2 over ICMP... Enjoy! ...
What is the MITRE ATT&CK™ Framework?

The MITRE ATT&CK Framework: Command and Control

Most malware these days has some level of Command and Control. This can be to exfiltrate data, tell the malware what instructions to execute next, or download encryption keys in the case ...