Active Adversary Playbook 2022 Insights: Web Shells
Public proofs-of-concept of web shell exploits coincide with major spikes in attacks.
Cyberattacker behaviors, tactics and tools seen on the frontline of incident response during 2021
An unpatched Microsoft Exchange Server let both ransomware actors in; Karma just stole data, while Conti encrypted.
While Squirrelwaffle leveraged Exchange to spread malspam through hijacked email threads, one thread was spirited away by attackers to trick the target into a money transfer.