Tag: detection-engineering
All the articles with the tag "detection-engineering".
- Today's Special: Juicy Nothing-Burger
  762 sessions. Rotating AWS infrastructure. Dual C2 channels. Jittered intervals specifically designed to defeat statistical detection. On a cafeteria menu board.
- PcClient.bal RAT Outbreak: Six Hosts, After-Hours Beaconing, and a Gap in Egress Policy
  A single IDS alert turned into a six-host RAT cluster, all beaconing after hours on non-standard ports. The firewall didn't catch it. The IDS did.