Zardoor Backdoor Alert: Threat Actors Target Islamic Charity

In recent cyber threat intelligence developments, an unnamed Islamic non-profit organization based in Saudi Arabia has fallen victim to a covert cyber-espionage campaign employing a previously unknown backdoor named Zardoor. Discovered by ...
Calling Home, Get Your Callbacks Through RBI

Calling Home, Get Your Callbacks Through RBI

Authored By: Lance B. Cain and Alexander DeMineOverviewRemote Browser Isolation (RBI) is a security technology which has been gaining popularity for large businesses securing their enterprise networks in recent years. This blog ...
Screenshot of original infection email from Unit 42

Emotet C2 and Spam Traffic Video

This video covers a life cycle of an Emotet infection, including initial infection, command-and-control traffic, and spambot activity sending emails with malicious spreadsheet attachments to infect new victims. The video cannot be ...
Corelight Sensors detect the ChaChi RAT

Corelight Sensors detect the ChaChi RAT

By Paul Dokas, Keith Jones, Anthony Kasza, Yacin Nadji, & Vern Paxson – Corelight Labs Team Recently Blackberry analyzed a new GoLang Remote Access Trojan (RAT) named “ChaChi.” This sample was interesting ...

What Is a Security Operations Center (SOC)?

Data breaches are costing organizations millions of dollars on average. In its 2020 Cost of a Data Breach Report, IBM found that a data breach cost the average organization $3.86 million. This ...

World’s first 100G Zeek sensor

By Sarah Banks, Senior Director of Product Management, Corelight As we finished rolling out Corelight’s v21 software release, which saw the delivery of the world’s first 100G, 1U Zeek sensor, I was ...

Introducing the C2 Collection and RDP inferences

By Vince Stoffer, Senior Director, Product Management, Corelight We’re excited to announce that the Command and Control (C2) Collection is now available with today’s launch of version 21 of the Corelight software ...

C2 detections, RDP insights and NDR at 100G

By John Gamble, Director of Product Marketing, Corelight Today I am excited to announce Corelight’s v21 release, which delivers dozens of powerful C2 detections, extends analyst visibility around RDP connections, and helps ...

How do you know?

By Charles Strauss, Senior Brand Copywriter, Corelight Can you be sure attackers aren’t hiding in your encrypted traffic? Can your investigators go back 18 months ago to find what they need? Do ...
DNS over TLS and DNS over HTTPS

DNS over TLS and DNS over HTTPS

By Jamie Brim, Corelight Security Researcher In this post, we’ll explore DNS over TLS (DoT) and DNS over HTTPS (DoH). DoT and DoH were invented to address privacy concerns associated with cleartext ...