Threat Assessment: Luna Moth Callback Phishing Campaign
Unit 42 investigates Luna Moth/Silent Ransom Group callback phishing extortion campaign that targeted businesses in multiple sectors. The post Threat Assessment: Luna Moth Callback Phishing Campaign...
Unit 42 Wireshark Quiz, January 2023
The January 2023 Wireshark quiz analyzes a pcap of network traffic from an Agent Tesla-style infection. The post Unit 42 Wireshark Quiz, January 2023 appeared first on Unit 42.
Answers to Unit 42 Wireshark Quiz, January 2023
The January 2023 Wireshark quiz analyzes a pcap of network traffic from an Agent Tesla-style infection. This post details the answers.
Unit 42 Wireshark Quiz, February 2023
February 2023's Wireshark quiz gives analysts the chance to write an incident report after reviewing real-world traffic from a live setting.
Answers to Unit 42 Wireshark Quiz, February 2023
The answers post to February 2023's Wireshark quiz critiques a written incident report after reviewing real-world traffic from a live setting.
Finding Gozi: Unit 42 Wireshark Quiz, March 2023
The March installment of our popular Wireshark tutorial series focuses on Gozi malware and identifying its distinct traffic patterns.
Finding Gozi: Answers to Unit 42 Wireshark Quiz, March 2023
Our follow-up March Wireshark quiz details the Gozi variant traffic analysis. Review and then compare your answers.
Cold as Ice: Unit 42 Wireshark Quiz for IcedID
IcedID is a known vector for ransomware. Analyze infection traffic from this banking trojan in our latest Wireshark tutorial.
Cold as Ice: Answers to Unit 42 Wireshark Quiz for IcedID
This is the follow-up post to our Wireshark quiz on an IcedID infection. We provide the answers on the traffic, victim and more in this full pcap analysis.
Crossing the Line: Unit 42 Wireshark Quiz for RedLine Stealer
RedLine stealer harvests credentials and other data from a Windows host. Part one of this Wireshark tutorial analyzes RedLine traffic to determine what data was stolen.
Wireshark Tutorial: Changing Your Column Display
Unit 42 shares a lesson on customizing Wireshark to better meet security researcher needs.
RedLine Stealer: Answers to Unit 42 Wireshark Quiz
Part two of our RedLine Stealer Wireshark quiz walks analysts through understanding a malware infection, from interpreting malicious traffic to identifying targeted data.
Wireshark Tutorial: Display Filter Expressions
This is a tutorial about using Wireshark, a follow-up to "Customizing Wireshark – Changing Your Column Display." It offers guidelines for using Wireshark filters to review and better understand pcaps...
Wireshark Tutorial: Identifying Hosts and Users
When a host is infected or otherwise compromised, security professionals need to quickly review packet captures of suspicious network traffic to identify affected hosts and users. This tutorial offers...
Wireshark Tutorial: Exporting Objects From a Pcap
This Wireshark tutorial guides the reader in exporting different packet capture objects. It builds on a foundation of malware traffic analysis skills.