Threat Actor “Cold River”: Network Traffic Analysis and a Deep Dive on Agent Drable
Executive Summary

While reviewing some network anomalies, we recently uncovered Cold River, a sophisticated threat actor making malicious use of DNS tunneling for command and control activities. We have been able to decode the raw traffic in command and control, find sophisticated lure documents used in...