Published by The RSM Defense Threat Hunting Team
Author: Justin Dolgos - Sr. Threat Hunter
MITRE ATT&CK: T1204.002 · T1059 · T1218 · T1219 · T1222
TLDR Executive Summary: Our threat hunters built a custom detection that ... READ MORE
From the War Room Blog

Fake Captcha Chains – Portable Behaviors, Practical Detections, And Field Notes
Executive Summary: RSM Defense’s Threat Hunting Team performed a focused investigation after reviewing recent intelligence on the “Fake CAPTCHA” campaign. Our hypothesis was: “If the actor is in the environment, we may observe escaped or ... READ MORE

Threat Hunt Report: CORNFLAKE.V3 Backdoor with Remote Code Execution Capability
Executive Summary: This document presents the results of a targeted threat hunt conducted in search of tactics, techniques, and procedures (TTPs) associated with the CORNFLAKE.V3 backdoor. During the investigation, a backdoor with remote code ... READ MORE

Threat Hunting Win: Uncovering Multi-Stage Malware from RMM Abuse
At RSM Defense, we embrace a proactive approach to cybersecurity. Instead of waiting for alerts to trigger a response, our Threat Hunting team regularly conducts hypothesis-driven investigations. These investigations are designed to uncover subtle ... READ MORE

Securing Tomorrow: Evaluating Cyber Catastrophe
On each Friday for the month of February, RSM’s Julia Polyak will be providing an article on the future of cyber-attacks and cyber-warfare, and how organizations can remain aware of emerging threats in this landscape. Please note that the views ... READ MORE

The Weakest Link: Bridging the Gap Between Tech and People
On each Friday for the month of February, RSM’s Julia Polyak will be providing an article on the future of cyber-attacks and cyber-warfare, and how organizations can remain aware of emerging threats in this landscape. In the continuous struggle to ... READ MORE
