Outer Web | Explore

Explore >> Select a destination

You are here		bohops.com Vshadow: Abusing the Volume Shadow Service for Evasion, Persistence, and Active Directory Database Extraction - bohops
\|	\|	www.cybereason.com THREAT ANALYSIS REPORT: Bumblebee Loader - The High Road to Enterprise Domain Control	9.9 parsecs away Travel
\|	\|	Cybereason GSOC observed distribution of the Bumblebee Loader and post-exploitation activities including privilege escalation, reconnaissance and credential theft. Bumblebee operators use the Cobalt Strike framework throughout the attack and abuse credentials for privilege escalation to access Active Directory, as well as abusing a domain administrator account to move laterally, create local user accounts and exfiltrate data...	9.9 parsecs away Travel
\|	\|	www.hexacorn.com Beyond good ol' Run key, Part 52 \| Hexacorn	10.8 parsecs away Travel
\|	\|		10.8 parsecs away Travel
\|	\|	thinkdfir.com I can see and hear you seeing and hearing me! - ThinkDFIR	13.7 parsecs away Travel
\|	\|	In preparation for an upcoming FOR500 class I thought I would test out one of the recent additions to the class. This post by my colleague Zach shows that Win10 1903 and later has a registry key that will store the full path of any executable that utilises the computers camera or microphone. Zach shows...	13.7 parsecs away Travel
\|	\|	blog.talosintelligence.com Threat Advisory: Critical Apache Log4j vulnerability being exploited in the wild	130.9 parsecs away Travel
\|		Update History DateDescription of UpdatesDec. 20, 2021 Additional coverage and IOCs; additional detection capabilities for customers via Cisco Global Threat Alerts. Dec. 18, 2021 Additional mitigation guidance; updated coverage information. Dec. 17, 2021 Added additional vulnerability and mitigation information; added section on guidance for developers; timeline. Dec. 16, 2021 Added	130.9 parsecs away Travel