The Lapsus$ hacking group has targeted (and successfully breached) a number of high-profile technology groups. It first gained the spotlight for a ransomware attack against the Brazilian Ministry of Health at the end of 2021, and has been quite busy since, targeting high-profile technology companies.
Threat intel is broken. As we’ve spoken about before, generic threat intel wastes a lot of time. It’s not efficient, and often it’s not even effective.
Profiling adversaries is a common strategy in the world of crime, but it can also apply to cyber criminals. With a good criminal profile, you’re building a card that has the tools, techniques and procedures that an adversary is using.
“The opportunity to secure ourselves against defeat lies in our own hands, but the opportunity of defeating the enemy is provided by the enemy himself.”
Cobalt Strike is a penetration testing tool that allows attackers to deploy beacons on a victim’s machine. It is used in the post-exploitation stage, and it allows attackers to move laterally, escalate privileges, and perform other useful actions.