Common Information
| Type | Value |
|---|---|
| Value |
Encrypted Channel - T1521 |
| Category | Attack-Pattern |
| Type | Mitre-Attack-Pattern |
| Misp Type | Cluster |
| Description | Adversaries may explicitly employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if necessary secret keys are encoded and/or generated within malware samples/configuration files. |
| Details | Published | Attributes | CTI | Title | ||
|---|---|---|---|---|---|---|
| Details | Website | 2024-11-08 | 35 | Life on a crooked RedLine: Analyzing the infamous infostealer’s backend | ||
| Details | Website | 2024-11-07 | 63 | Weekly Intelligence Report - 08 Nov 2024 | #ransomware | #cybercrime | National Cyber Security Consulting | ||
| Details | Website | 2024-11-07 | 66 | European diplomats targeted by APT29 (Cozy Bear) with WINELOADER | ||
| Details | Website | 2024-11-07 | 33 | Malicious Inauthentic Falcon Crash Reporter Installer Delivers Malware Named Ciro | ||
| Details | Website | 2024-11-04 | 35 | G700 : The Next Generation of Craxs RAT - CYFIRMA | ||
| Details | Website | 2024-11-04 | 57 | Threat Intelligence Report October 29 - November 4 2024 | Red Piranha | ||
| Details | Website | 2024-10-18 | 18 | The Will of D: A Deep Dive into Divulge Stealer, Dedsec Stealer, and Duck Stealer - CYFIRMA | ||
| Details | Website | 2024-10-18 | 56 | Vietnamese Threat Actor’s Multi-Layered Strategy On Digital Marketing Professionals - Cyble | ||
| Details | Website | 2024-10-17 | 100 | Flying in the clouds: APT31 renews its attacks on Russian companies through cloud storage | ||
| Details | Website | 2024-10-17 | 75 | APT31 new dropper. Target destinations: Mongolia, Russia, the U.S., and elsewhere | ||
| Details | Website | 2024-10-14 | 55 | Hidden In Plain Sight: How ErrorFather Deploys Cerberus To Amplify Cyber Threats | ||
| Details | Website | 2024-10-11 | 71 | Weekly Intelligence Report - 11 Oct 2024 | #ransomware | #cybercrime | National Cyber Security Consulting | ||
| Details | Website | 2024-10-10 | 9 | AhnLab EDR을 활용한 BPFDoor 리눅스 악성코드 탐지 - ASEC | ||
| Details | Website | 2024-10-09 | 9 | BPFDoor Linux Malware Detected by AhnLab EDR - ASEC | ||
| Details | Website | 2024-10-04 | 0 | Part-1 MITRE ATT&CK Tactic & Techniques & framework | ||
| Details | Website | 2024-10-04 | 34 | VILSA STEALER - CYFIRMA | ||
| Details | Website | 2024-10-03 | 5 | Linux malware “perfctl” behind years-long crypto-mining campaign | ||
| Details | Website | 2024-10-03 | 5 | Linux malware “perfctl” behind years-long cryptomining campaign | ||
| Details | Website | 2024-10-02 | 57 | Separating the bee from the panda: CeranaKeeper making a beeline for Thailand | ||
| Details | Website | 2024-09-28 | 0 | Essential Tips For Effective Business Network Protection | ||
| Details | Website | 2024-09-27 | 123 | Betting on Bots: Investigating Linux malware, crypto mining, and gambling API abuse — Elastic Security Labs | ||
| Details | Website | 2024-09-24 | 0 | A few notes on AWS Nitro Enclaves: Attack surface | ||
| Details | Website | 2024-09-16 | 0 | Incident Response | ||
| Details | Website | 2024-09-13 | 0 | Friends don’t let friends reuse nonces | ||
| Details | Website | 2024-09-13 | 2 | Friends don’t let friends reuse nonces |