Threat Actors using TOR to exfiltrate data
Once inside your network, threat actors use tools to exfiltrate data in order to create a ransom using double extortion. In a double extortion situation, the first step is encrypting your data and locking you out and the 2nd step is stealing copies of your data and threatening to release all of this information, including […]
Attackers using Cobalt Strike for Command and Control
Cobalt Strike is a tool for adversary simulations and Red Team Operations, as described on their website. It is used for Infosec teams to replicate the techniques and tactics of an adversary in the network. Recently, threat actors have been getting a hold of the tool and using it for their ransomware operations. Once inside […]