2024-04-15 (Monday): #ContactForms campaign pushing #SSLoad malware as early as Thursday, 2024-04-11. List of indicators available at bit.ly/49Cz1kL
#Wireshark #Unit42ThreatIntel #TimelyThreatIntel #InfectionTraffic
#ln -s RT Unit 42: 2023-10-23 (Monday): #404tds URL chain leads to infection by #Async RAT variant. Indicators from this #Async #RAT infection available at bit.ly/499siju.
#Unit42ThreatIntel #TimelyThreatIntel
2024-03-26 (Tuesday) #Malvertising: Google ad leads to fake funds claim site, which leads to #Matanbuchus infection with #Danabot. Indicators available at bit.ly/49bCjeQ
#Unit42ThreatIntel #TimelyThreatIntel #Wireshark #InfectionAnalysis #Pcaps
2024-04-18 (Thursday): #SSLoad infection leads to #CobaltStrike DLL. In this case we saw no follow-up Cobalt Strike C2 traffic. List of indicators available at bit.ly/3Q9SORR
#TimelyThreatIntel #Unit42ThreatIntel #Wireshark #InfectionAnalysis