Konstantin
@konstantinklinger.bsky.social
š¤ 92
š„ 81
š 0
Threat Detection & Research at Proofpoint
reposted by
Konstantin
Saher
8 months ago
From phishes to hands-on-keyboard commands š„ new
@proofpoint.bsky.social
research from
@nickattfield.bsky.social
and
@konstantinklinger.bsky.social
on Indian state-sponsored actor TA397 (Bitter) with a great story on the steps to technical and political attribution
www.proofpoint.com/us/blog/thre...
loading . . .
The Bitter End: Unraveling Eight Years of Espionage AnticsāPart One | Proofpoint US
This is a two-part blog series, detailing research undertaken in collaboration with Threatray. Part two of this blog series can be found on their website here.Ā Analyst note: Throughout
https://www.proofpoint.com/us/blog/threat-insight/bitter-end-unraveling-eight-years-espionage-antics-part-one
0
11
3
reposted by
Konstantin
Nick Attfield
8 months ago
Dropping some joint research today with Threatray on TA397/Bitter š We dive into the confluence of signals that led us to our attribution of the threat actor šÆ Shoutout to
@konstantinklinger.bsky.social
and Threatray for collaborating on this research.
www.proofpoint.com/us/blog/thre...
loading . . .
The Bitter End: Unraveling Eight Years of Espionage AnticsāPart One | Proofpoint US
This is a two-part blog series, detailing research undertaken in collaboration with Threatray. Part two of this blog series can be found on their website here.Ā Analyst note: Throughout
https://www.proofpoint.com/us/blog/threat-insight/bitter-end-unraveling-eight-years-espionage-antics-part-one
0
11
9
reposted by
Konstantin
Wesley Shields
about 1 year ago
If you like to use python and are interested in YARA rule linting:
0
9
4
reposted by
Konstantin
Nick Attfield
about 1 year ago
Dropping some new research on TA397/Bitter šØ Hidden in Plain Sight | TA397ās New Attack Chain Delivers Espionage RATs Report:
www.proofpoint.com/us/blog/thre...
loading . . .
Hidden in Plain Sight: TA397ās New Attack Chain Delivers Espionage RATs | Proofpoint US
Key findingsĀ Proofpoint observed advanced persistent threat (APT) TA397 targeting a Turkish defense sector organization with a lure about public infrastructure projects in Madagascar.Ā Ā The attack...
https://www.proofpoint.com/us/blog/threat-insight/hidden-plain-sight-ta397s-new-attack-chain-delivers-espionage-rats
2
16
14
reposted by
Konstantin
ThreatInsight
about 1 year ago
Proofpoint has published a report detailing new activity from
#TA397
(AKA Bitter), a prominent South Asian advanced persistent threat (APT) group. The campaign, which took place in November 2024, targeted a defense sector organization in Turkey. Read the blog:
ow.ly/z81o50UshPt
.
loading . . .
Hidden in Plain Sight: TA397ās New Attack Chain Delivers Espionage RATs | Proofpoint US
Key findingsĀ Proofpoint observed advanced persistent threat (APT) TA397 targeting a Turkish defense sector organization with a lure about public infrastructure projects in Madagascar.Ā Ā The attack...
https://ow.ly/z81o50UshPt
1
8
6
you reached the end!!
feeds!
log in
