APT Encounters of the Third Kind

A few weeks ago an ordinary security assessment turned into an incident response whirlwind. It was definitely a first for me, and I was kindly granted permission to outline the events in this blog post. This investigation started scary but turned out to be quite fun, and I hope reading it will be infor...

Click to view the original at igor-blue.github.io

Hasnain says:

Really well written and engaging story of an ongoing effort to reverse engineer and identify a pretty complex security breach.

“We found a bunch of malware sitting in the network collecting PII information from incoming HTTPS connections after they are decoded in a Golang app. The data is exfiltrated through the malware network and eventually is sent to the bad guys. We have more info but I am still working on it, expect another blog post in the future with more details, samples, etc.”

Posted on 2021-03-28T07:52:17+0000