Wednesday, June 19, 2019

Technical Whitepaper: Fileless Cryptomining and the Kitchen Sink

Carbon Black
Technical Whitepaper
 
Hi john,

Carbon Black's Threat Research & Analysis Unit recently investigated a series of ongoing PowerShell attacks leveraging several whitelisting bypasses and weaponized open source pentesting tools, including "Squiblydoo."

PowerShell execution was detected with Base64-encoded commands, communicating over the network to download and execute scripts directly from GitHub, spreading laterally via internal network connections, invoking cryptominers, and making international network connections via Tor exit nodes.

This malicious behavior was evident on domain controllers, and reimaged machines were persistently and immediately reinfected. To learn more, check out this technical whitepaper: Fileless Cryptomining and the Kitchen Sink.
 

Copyright © 2019 Carbon Black, Inc. All rights reserved.
Carbon Black is located at 1100 Winter Street, Waltham, MA 02451 United States
                                                           


Written by: Angelisa Vivian Day: 8:33 AM Category:
