The DFIR Report (@TheDFIRReport )

The DFIR Report

Bio real intrusions by real attackers, the truth behind the intrusion
Tweets 23
Followers 587
Following 18
Account created 03-04-2020 01:33:43
ID 1245886895458078722

Twitter Web App : Earlier this month we saw a #trickbot infection #gtag man6 pivot to drop Cobalt Strike and PyXie malware. Full IOCs available in MISP Priv.

Check out the infection chain and TTPs in the write up below: