@infosec_jcp ๐Ÿˆ๐Ÿƒ done differentlyDec 20, 2024

#GammaGroup clients use

๐Ÿ”Ž UDP port 123 ๐Ÿ”

as default #RedTeam data #exfiltration ports

#gammagroup #finfsher #finspy #infosec #memes
#BlueTeam
#statesponsoredmalware โ˜ฃ๏ธ๐Ÿคณ๐Ÿโ˜ฃ๏ธ

Update: Add logging before implementing BLOCKING the #exfil shim, obviously. โ˜ฃ๏ธ๐Ÿคณ๐Ÿ”Ž๐Ÿโ˜ฃ๏ธ๐Ÿ”๐Ÿง