
September 2022

Detecting the Manjusaka C2 framework

Security practitioners may know about common command-and-control (C2) frameworks, such as Cobalt Strike and Sliver, but fewer have likely heard of the so-called Chinese sibling framework “Manjusaka” (described by Talos in an excellent writeup). As with other C2 frameworks, we studied the Manjusaka implant/server network communications in our lab environment, and here we document some of the detection methods available. We have also open-sourced the content we describe.

Cloud Insecurities - How to threat hunt in hybrid and multi cloud environments

Amidst a record number of workloads moving to the cloud, security teams must confront not only the cyber-skills shortage but also a general lack of cloud expertise. Corelight and guest Forrester will share best practices for building threat detection, hunting, and incident response capabilities for the cloud and upskilling your existing SecOps team. Watch this on-demand webcast to learn.

Recognizing and Stopping Insider Threats in the Healthcare Industry

As a direct result of COVID-19 burnout, the ongoing Great Resignation trend might be impacting healthcare more than any other industry. Research shows that healthcare has already lost an estimated 20% of its workforce over the past two years. This turnover is happening top-to-bottom throughout organizations. Doctors are switching between hospitals, administrative staff are leaving the industry, and technology teams are being lured away by higher-paying jobs in other sectors.

SANS Protects: The Network

SANS Protects is a series of papers focused on the most prevalent threats to specific, critical components of your environment as well as actions you can take to mitigate those threats and thwart threat actors. In this webcast, sponsored by Corelight, SANS Certified Instructor Matt Bromiley will examine current, prevalent network threats and how adversaries use them to take advantage of, and maintain footholds in, victim environments.