2024-04-15 (Monday): #ContactForms campaign pushing #SSLoad malware as early as Thursday, 2024-04-11. List of indicators available at bit.ly/49Cz1kL

#Wirshark #Unit42ThreatIntel #TimelyThreatIntel #InfectionTraffic

#ln -s :malware_traffic: RT Unit 42: 2023-10-23 (Monday): #404tds URL chain leads to infection by #Async RAT variant. Indicators from this #Async #RAT infection available at bit.ly/499siju.

#Unit42ThreatIntel #TimelyThreatIntel

2024-03-26 (Tuesday) #Malvertising : Google ad leads to fake funds claim site, which leads to #Matanbuchus infection with #Danabot . Indicators available at bit.ly/49bCjeQ

#Unit42ThreatIntel #TimelyThreatIntel #Wireshark #InfectionAnalysis #Pcaps

2024-04-18 (Thursday): #SSLoad infection leads to #CobaltStrike DLL. In this case we saw no follow-up Cobalt Strike C2 traffic. List of indicators available at bit.ly/3Q9SORR

#TimelyThreatIntel #Unit42ThreatIntel #Wireshark #InfectionAnalysis

#ln -s :malware_traffic: Unit 42 Nice to see #TimelyThreatIntel on some of the other stuff my work colleagues run across!