Labs Team, Author at Lastline

Threat Actor “Cold River”: Network Traffic Analysis and a Deep Dive on Agent Drable

Posted by Quentin Fois and Labs Team ON Jan 11, 2019

Executive Summary While reviewing some network anomalies, we recently uncovered Cold River, a sophisticated threat actor making malicious use of DNS tunneling for command and control activities. We have been able to decode the raw traffic in command and control, find sophisticated lure documents used in...

Tales From the Field: The Surge of Agent Tesla

Posted by Labs Team ON Aug 28, 2018

While it is normal to see a positive trend in terms of number of artifacts analyzed by our engines, a stark increase might in some cases be the telltale sign of a shift in the threat landscape. Just recently, our threat intelligence telemetry alerted us...

From Russia(?) with Code

Posted by Labs Team ON Mar 9, 2018

The Olympic Destroyer cyberattack is a very recent and notable attack by sophisticated threat actors against a globally renowned 2-week sporting event that takes place once every four years in a different part of the world. Successfully attacking the Winter Olympics requires motivation, planning, resources...

Threat Actor “Cold River”: Network Traffic Analysis and a Deep Dive on Agent Drable

Tales From the Field: The Surge of Agent Tesla

From Russia(?) with Code

LATEST PRESS RELEASES

Lastline Unveils Defender 9.0 to Enhance Public Cloud Workload Security

MEDIA MENTIONS

Containers and Security: Complexity Makes it Easy to Overlook Problems

FROM THE BLOG

SANS 2019 Threat Hunting Survey Shows SOCs Relying Too Much on SIEM Alerts