this post was submitted on 10 Dec 2025

blueteamsec


For [Blue|Purple] Teams in Cyber Defence - covering discovery, detection, response, threat intelligence, malware, offensive tradecraft and tooling, deception, reverse engineering etc.

anamethatisnt@lemmy.world 1 points 23 hours ago

I'm finding very little about the initial infection vector. How does it infect a machine?

Also, port 53/udp is an interesting choice for communicating. Many enterprises redirect that to their internal DNS.