Threat detected: Virus:PUA/AnalystYXBhcGxpbA
A threat was detected from this account.
Date: 1/7/2022 1:49 PM
Details: This account is infected by Vstai
Detect #Kerberos ticket abuse fast: convert hex to binary, apply bitwise ops in #KQL, and hunt for unusual TGT flag sets seen in offensive tools. Read @plehdneS latest blog post here 👇https://t.co/yCZxuo3JE6
Has your company ever been affected by a compromised business email? Read @plehdneS latest blog post, "How to Hunt & Defend Against Business Email Compromise" here 👇
https://t.co/l2B5rCLuxe
2022-10-10 (Monday) - #CobaltStrike from #Qakbot (#Qbot) infection - Cobalt Strike HTTPS server using pigahinilu[.]com on 64.44.102[.]244:443 - IOCs available at: https://t.co/m12p9uqQBb
Dropping some 🔥APT29 observables this afternoon. Updates to our AADInvestigator and white paper too!
https://t.co/2He0cArioL APT29 continues to up their opsec game 🥷 targeting #Microsoft365#DFIR