- Detecting Rclone – An Effective Tool for Exfiltration - detecting rclone via Sigma rules - which is a precursor step for some threat actors to do their exfil before ransomware deployment https://research.nccgroup.com/2021/05/27/detecting-rclone-an-effective-tool-for-exfiltration/ 6 comments netsec
Linking pages
- From ScreenConnect to Hive Ransomware in 61 hours - The DFIR Report https://thedfirreport.com/2023/09/25/from-screenconnect-to-hive-ransomware-in-61-hours/ 4 comments
- CONTInuing the Bazar Ransomware Story – The DFIR Report https://thedfirreport.com/2021/11/29/continuing-the-bazar-ransomware-story/ 2 comments
- Conti-nuation: methods and techniques observed in operations post the leaks – NCC Group Research https://research.nccgroup.com/2022/03/31/conti-nuation-methods-and-techniques-observed-in-operations-post-the-leaks/ 1 comment
- BazarLoader and the Conti Leaks https://thedfirreport.com/2021/10/04/bazarloader-and-the-conti-leaks/ 0 comments
Linked pages
Related searches:
Search whole site: site:research.nccgroup.com
Search title: Detecting Rclone – An Effective Tool for Exfiltration – NCC Group Research
See how to search.