The Cybereason Nocturnus IR team support our customers with decades of combined experience in Digital Forensics and Incident Response (DFIR), Threat Hunting, Malware Analysis, Reverse Engineering, Red Teaming, and more. We respond to intrusions and security incidents worldwide, helping customers discover if they have been breached, and assess how effective their defenses are through emergency IR, proactive Compromise Assessments and Security Validation/Red Teaming services. The Cybereason Nocturnus IR team leverage the advanced functionality of the Cybereason Endpoint Protection Platform in concert with bespoke tooling designed to scale to the speed and impact of modern threats and reverse the adversary advantage.
After exploitation of ProxyShell, attackers used Exchange to distribute phishing emails with the QBot payload and DatopLoader, a loader previously used to distribute the Cobalt Strike malware...
January 11, 2022 / 10 minute read
