Happy Thursday everyone!

The research team at Mandiant (now part of Google Cloud) has released Part 4 of their series. I'd like to take you all back to the first episode, where the team discusses the post-exploitation activity. In the first part, they discussed the behaviors of #Lightwire (Web Shell), #Thinspool (Web Shell Dropper), #Warpwire (Credential Harvester), #Wirefire (Web Shell), and #Zipline (Passive backdoor). All of these components played a part in the incident and are detailed in the article! Enjoy and Happy Hunting!

Cutting Edge: Suspected APT Targets Ivanti Connect Secure VPN in New Zero-Day Exploitation
https://cloud.google.com/blog/topics/threat-intelligence/suspected-apt-targets-ivanti-zero-day

#CyberSecurity #ITSecurity #InfoSec #BlueTeam #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting #readoftheday
