Tuesday, October 19, 2021

Threat hunting with Osquery, Part Two

Part Two – Command and Control

After gaining initial access to a device, attackers try to establish command and control (C&C, C2) over it, with the aim of using it in later stages of the attack. For this purpose, attackers often launch malicious processes, and hunting for them is the topic of this part of our blog series. We will show Osquery queries that help identify processes with suspicious network activity, which can give the attackers easy backdoor access to the device….
