On Wednesday February 24th Novetta released Operation Blockbuster, a report that describes how a Novetta-led coalition of private industry partners Novetta’s Threat Research & Interdiction Group (TRIG), identified…
Author: Peter VanBuskirk
Advanced Methods to Detect Advanced Attacks: Unknown Service
This post is the tenth and last of a multi-part series called Advanced Methods to Detect Advanced Cyber Attacks. The series explores advanced investigative analytic searches that analyze…
Advanced Methods to Detect Advanced Cyber Attacks: Two Degrees of Separation
This post is the ninth of a multi-part series called Advanced Methods to Detect Advanced Cyber Attacks. The series explores advanced investigative analytic searches that analyze network traffic and…
Advanced Methods to Detect Advanced Cyber Attacks: Suspicious Admin Toolkits
This post is the eighth of a multi-part series called Advanced Methods to Detect Advanced Cyber Attacks. The series explores advanced investigative analytic searches that analyze network traffic…
Advanced Methods to Detect Advanced Cyber Attacks: Relay Finder
This post is the seventh of a multi-part series called Advanced Methods to Detect Advanced Cyber Attacks. The series explores advanced investigative analytic searches that analyze network traffic and…
Advanced Methods to Detect Advanced Cyber Attacks: RDP Keyboard Layout
This post is the sixth of a multi-part series called Advanced Methods to Detect Advanced Cyber Attacks. The series explores advanced investigative analytic searches that analyze network traffic and…
Advanced Methods to Detect Advanced Cyber Attacks: Protocol Abuse
This post is the fifth of a multi-part series called Advanced Methods to Detect Advanced Cyber Attacks. The series explores advanced investigative analytic searches that analyze network traffic and…
Advanced Methods to Detect Advanced Cyber Attacks: Port Scanners
This post is the fourth of a multi-part series called Advanced Methods to Detect Advanced Cyber Attacks. The series explores advanced investigative analytic searches that analyze network traffic and…
Advanced Methods to Detect Advanced Cyber Attacks: HTTP(S) Exfiltration
This post is the third of a multi-part series called Advanced Methods to Detect Advanced Cyber Attacks. The series explores advanced investigative analytic searches that analyze network traffic and…
Advanced Methods to Detect Advanced Cyber Attacks: Distant Admin
This post is the second in a multi-part series called Advanced Methods to Detect Advanced Cyber Attacks. The series explores advanced investigative analytic searches that analyze network traffic and…
