I Smell a RAT - Hunting for AsyncRAT Infections | Threat SnapShot

  • Published: Apr 5, 2023
  • Attackers have used remote access trojans (RATs) to interact with compromised machines for decades. Maybe you remember playing around with Sub7 or Back Orifice back in the day. There are many more out there today, such as Quasar, Ghost, EvilOSX and AsyncRAT. In this week's Threat SnapShot, we'll dig into AsyncRAT, a popular open-source trojan that is often on the list of most commonly used malware. Most AsyncRAT infections involve complicated, heavily obfuscated or encrypted files that evade common anti-virus and EDR detections. We'll take a look at some of AsyncRAT's capabilities, and discuss detection and threat hunting strategies you can use to prevent an infestation.
    References:
    - www.splunk.com...
    SnapAttack Content:
    - app.snapattack... - Threat: AsyncRAT via OneNote
    - app.snapattack... - Detection: AsyncRAT Loader
    - app.snapattack... - Detection: Suspicious Extracted File from OneNote
    - app.snapattack... - Threat: AsyncRAT - Launching Shell
    - app.snapattack... - Detection: Possible AsyncRAT
    - app.snapattack... - Detection: Possible AsyncRAT Traffic
    - app.snapattack... - Threat: AsyncRAT - Get Admin Privileges via UAC
    - app.snapattack... - Detection: Possible UAC Bypass with AsyncRAT
