Decoding Cobalt Strike Traffic, (Sun, Apr 18th)

Read the original article: Decoding Cobalt Strike Traffic, (Sun, Apr 18th)


In diary entry “Example of Cleartext Cobalt Strike Traffic (Thanks Brad)” I share a capture file I found with unencrypted Cobalt Strike traffic. The traffic is unencrypted since the malicious actors used a trial version of Cobalt Strike.

