One of the biggest problems many in this industry have is taking advantage of good intelligence sources such as VirusTotal and using them to stay one step ahead of the attacker. If you get some intel, how far can you really pivot with that information? If you can write YARA rules, not only can you track these waves of phishing campaigns, you can actually stop them. I will show you some research I have been working on and how I can take one phishing document and find thousands more just like it to identify all of the C2 servers, not just one or two. Get ready to track the threat groups yourself!
Copyright 2020, IronGeek