Reportar una Violación
Customer Portal
SplitDrop: Inside the Iran-linked APT group Dust Specter campaign
← Volver a Laboratorios
Medium
Malware, APT, Campaign
Defense Evasion, Execution
Windows, Sysmon, EDR

SplitDrop: Inside the Iran-linked APT group Dust Specter campaign

SplitDrop revela cómo el grupo Dust Specter, presuntamente vinculado a Irán, hizo uso indebido de la carga lateral de DLL para acelerar la ejecución y eludir los controles de seguridad, manteniendo así la persistencia y permitiendo una cadena de infección sigilosa que se camuflaba entre el comportamiento de las aplicaciones legítimas.

Download PDF

labs correlati

When Forensics Becomes Offensive: Abuse of FTK Imager in the STAC3725 Tradecraft
Medium
Bypass, Campaign
Defense Evasion
Windows, Sysmon, EDR

When Forensics Becomes Offensive: Abuse of FTK Imager in the STAC3725 Tradecraft

Scopri di più
Learn more
RedSun: Turning Microsoft Defender into a Path to SYSTEM-Level Privilege Escalation
Medium
Bypass
Privilege Escalation
Windows, Sysmon, EDR

RedSun: Turning Microsoft Defender into a Path to SYSTEM-Level Privilege Escalation

Scopri di più
Learn more
BlueHammer windows Zero-Day
Medium
Bypass
Privilege Escalation
Windows, Sysmon, EDR

BlueHammer windows Zero-Day

Scopri di più
Learn more
1 2 3 5

Contacto

Proteja su negocio

Conózcanos
Sorint.Sec España
A/c Norrsken House Barcelona
Passeig del Mare Nostrum, 15
Ciutat Vella, 08039
Barcelona


+34 691 748976
info@sorintsec.es
Pages
Certificaciones
chevron-right