Detecting The Agent Tesla Malware Family
Learn how to detect Agent Tesla, which consistently trends at the top of Any.Run’s malware trends list
In recent months, STRRAT has become one of the top malware families submitted to Any.Run. Here's how to detect it.
Hunt of the Month: Detecting AsyncRAT Malware Over HTTPS
Take a look at an incident we detected, investigated, triaged, and closed using Corelight at Black Hat Las Vegas 2023.
I ran into a sample of the Gozi banking malware in the wild. This is how I developed an open source detection package to find it with Zeek.
This post explores the 4 key areas outlined in the CISA "Shields Up" memo and examines ways they can be detected with network data.
We’re excited to announce that the Command and Control (C2) Collection is now available with today’s launch of version 21 of the Corelight software.
This blog will introduce a method of detecting the Pingback malware, in which attackers often hide their communications in ping message payloads.
In this post, we’ll explore DNS over TLS (DoT) and DNS over HTTPS (DoH). Before examining DoT and DoH, it’s important to take a quick look at DNS...