Proud of our @snapattackHQ research team and their analysis of a real sample for CVE-2024-30051. This privilege escalation attack is actively exploited by #Qakbot and other malware.
Blog: https://t.co/vhljg0GT1y
Video: https://t.co/CI1nEevy0K
Sample: https://t.co/DAIS0TOr3U
Deliver a Strike by Reversing a Badger: #BruteRatel #BRC4 Detection and Analysis
The #Splunk Threat Research Team 🛡 put some good time into this and we believe it will help you now!
https://t.co/u9U6HIZ2h0
#BlueTeam #ThreatHunting
The Highlights 🧵
Likely additional content coming out around #bpfdoor from @snapattackHQ later today or tomorrow. I'd love to do a deep-dive technical blog post and video of some of the features and functions of the implant and controller.
Finally, while some researchers are busy scanning the Internet for compromised hosts themselves, we're releasing a tool to help organizations scan their own systems for #bpfdoor. This sends the "magic packet" and looks for the UDP response with "1".
https://t.co/PnoCpOTeWH
The project @FryGuy2600 & Jonathan have made appears to be the “holy grail” project that members of the infosec community have been thinking and talking about for years:
Running and comparing #AtomicRedTeam tests to @sigma_hq detections, automatically and in bulk.
🤯🤩👍
Dusting off my Twitter and excited to be more active in this awesome infosec community on here. Hoping to contribute back some cool things via @snapattackHQ
🧵
A user in the Bloodhound Slack asked a question about how they could start approaching the task of detecting BH (Sharphound) and it inspired me to write my thoughts on the matter. Since it is buried as a random thread in Slack, I figured I'd share it here as a thread.