Command And Control

By Paul Dokas, Keith Jones, Anthony Kasza, Yacin Nadji, & Vern Paxson – Corelight Labs Team Recently Blackberry analyzed a new GoLang Remote Access Trojan (RAT) named “ChaChi.” This sample was interesting ...

Data breaches are costing organizations millions of dollars on average. In its 2020 Cost of a Data Breach Report, IBM found that a data breach cost the average organization $3.86 million. This ...

By Sarah Banks, Senior Director of Product Management, Corelight As we finished rolling out Corelight’s v21 software release, which saw the delivery of the world’s first 100G, 1U Zeek sensor, I was ...

By Vince Stoffer, Senior Director, Product Management, Corelight We’re excited to announce that the Command and Control (C2) Collection is now available with today’s launch of version 21 of the Corelight software ...

By John Gamble, Director of Product Marketing, Corelight Today I am excited to announce Corelight’s v21 release, which delivers dozens of powerful C2 detections, extends analyst visibility around RDP connections, and helps ...

By Charles Strauss, Senior Brand Copywriter, Corelight Can you be sure attackers aren’t hiding in your encrypted traffic? Can your investigators go back 18 months ago to find what they need? Do ...

By Jamie Brim, Corelight Security Researcher In this post, we’ll explore DNS over TLS (DoT) and DNS over HTTPS (DoH). DoT and DoH were invented to address privacy concerns associated with cleartext ...

There are certain sophisticated threat behaviors that are generally considered “impossible” to detect on the network, which are both tedious and challenging for security teams to protect against. These include the use ...

Tremendous Red Team related blog post over at Black Hills Infosec, and superbly crafted by Darin Roberts, and detailing How To C2 over ICMP... Enjoy! ...

Most malware these days has some level of Command and Control. This can be to exfiltrate data, tell the malware what instructions to execute next, or download encryption keys in the case ...