James Haughom

Including Posts by: Julio Dantas, Julien Reisdorffer
LockBit Ransomware Side Loads Cobalt Strike Beacon With Legitimate VMware Utility 4

LockBit Ransomware Side-loads Cobalt Strike Beacon with Legitimate VMware Utility

Long-running LockBit ransomware attempts to evade Windows ETW, AMSI and EDR by leveraging legitimate VMware logging command line utility.

Read More
SolarWinds SunBurst Backdoor  Inside The Stealthy APT Campaign 1

SolarWinds SUNBURST Backdoor: Inside the APT Campaign

A technical analysis of the SUNBURST stealthy APT including processes, services, and drivers. SentinelOne customers protected with no updates or configuration changes.

Read More