'/%3e%3cpath%20d='M50.3943%2022.237V39.5876H43.5185V22.7481C43.5185%2019.2029%2042.0411%2017.3949%2039.036%2017.3949C35.7325%2017.3949%2034.0778%2019.5338%2034.0778%2023.7585V32.9759H27.2434V23.7585C27.2434%2019.5338%2025.5857%2017.3949%2022.2822%2017.3949C19.2949%2017.3949%2017.8027%2019.2029%2017.8027%2022.7481V39.5876H10.9298V22.237C10.9298%2018.6918%2011.835%2015.8754%2013.6453%2013.7877C15.5128%2011.7049%2017.9623%2010.6355%2021.0028%2010.6355C24.522%2010.6355%2027.1813%2011.9885%2028.9542%2014.6917L30.665%2017.5633L32.3788%2014.6917C34.1517%2011.9885%2036.811%2010.6355%2040.3243%2010.6355C43.3619%2010.6355%2045.8114%2011.7049%2047.6847%2013.7877C49.4931%2015.8734%2050.3963%2018.6899%2050.3943%2022.237Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_89_8'%20x1='30.5'%20y1='0'%20x2='30.5'%20y2='65'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%236364FF'/%3e%3cstop%20offset='1'%20stop-color='%23563ACC'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e)
Brad<p>Post I wrote for my employer at <a href="https://www.linkedin.com/posts/unit42_ssload-cobaltstrike-timelythreatintel-activity-7187091840968351744-xqe-" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">linkedin.com/posts/unit42_sslo</span><span class="invisible">ad-cobaltstrike-timelythreatintel-activity-7187091840968351744-xqe-</span></a> and <a href="https://twitter.com/Unit42_Intel/status/1781326222019932535" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">twitter.com/Unit42_Intel/statu</span><span class="invisible">s/1781326222019932535</span></a></p><p>024-04-18 (Thursday): <a href="https://infosec.exchange/tags/SSLoad" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SSLoad</span></a> infection leads to <a href="https://infosec.exchange/tags/CobaltStrike" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CobaltStrike</span></a> DLL. In this case we saw no follow-up Cobalt Strike C2 traffic. List of indicators available at <a href="https://github.com/PaloAltoNetworks/Unit42-timely-threat-intel/blob/main/2024-04-18-IOCs-from-SSLoad-infection-with-Cobalt-Strike-DLL.txt" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/PaloAltoNetworks/Un</span><span class="invisible">it42-timely-threat-intel/blob/main/2024-04-18-IOCs-from-SSLoad-infection-with-Cobalt-Strike-DLL.txt</span></a></p><p>A <a href="https://infosec.exchange/tags/pcap" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pcap</span></a> of the <a href="https://infosec.exchange/tags/SSLoad" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SSLoad</span></a> infection traffic leading to the <a href="https://infosec.exchange/tags/CobaltStrike" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CobaltStrike</span></a> DLL along with the associated malware/artifacts are available at <a href="https://malware-traffic-analysis.net/2024/04/18/index.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">malware-traffic-analysis.net/2</span><span class="invisible">024/04/18/index.html</span></a></p>
101010.pl is one of the many independent Mastodon servers you can use to participate in the fediverse.
101010.pl czyli najstarszy polski serwer Mastodon. Posiadamy wpisy do 2048 znaków.
Administered by:
Server stats:
508active users
101010.pl: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.0-beta.1
#ssload
0 posts · 0 participants · 0 posts today
Brad<p>A social media post I authored for my employer at <a href="https://www.linkedin.com/posts/unit42_contactforms-ssload-wirshark-activity-7185786751922192384-JPBX" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">linkedin.com/posts/unit42_cont</span><span class="invisible">actforms-ssload-wirshark-activity-7185786751922192384-JPBX</span></a> and <a href="https://twitter.com/Unit42_Intel/status/1780021135813337366" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">twitter.com/Unit42_Intel/statu</span><span class="invisible">s/1780021135813337366</span></a></p><p>2024-04-15 (Monday): <a href="https://infosec.exchange/tags/ContactForms" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ContactForms</span></a> campaign pushing <a href="https://infosec.exchange/tags/SSLoad" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SSLoad</span></a> malware as early as Thursday, 2024-04-11. List of indicators available at <a href="https://github.com/PaloAltoNetworks/Unit42-timely-threat-intel/blob/main/2024-04-15-IOC-for-Contact-Forms-campaign-SSLoad-activity.txt" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/PaloAltoNetworks/Un</span><span class="invisible">it42-timely-threat-intel/blob/main/2024-04-15-IOC-for-Contact-Forms-campaign-SSLoad-activity.txt</span></a></p><p>A <a href="https://infosec.exchange/tags/pcap" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pcap</span></a> of the <a href="https://infosec.exchange/tags/SSLoad" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SSLoad</span></a> malware infection traffic, along with the associated malware and artifacts, is available at <a href="https://malware-traffic-analysis.net/2024/04/15/index.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">malware-traffic-analysis.net/2</span><span class="invisible">024/04/15/index.html</span></a></p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload