Just Another Blue Teamer

@LeeArchinal@ioc.exchange

A threat hunter that has a passion for logs, especially endpoint logs, and for teaching the next generation of Threat Hunters to come!

I have recently been awarded the honor to be a trainer at

2023, which is an amazing opportunity and a goal I had set for myself. I am truly flattered!

@ArchinalLee
November 18, 2022

Happy Monday everyone!

CrowdStrike is reminding us that just because some of us use Macs, doesn't mean we are malware proof! In this case the cybercriminal group dubbed COOKIE SPIDER was deploying their stealer known as SHAMOS.

Using a combination of malvertising and the

technique, the group would trick their victims into installing the Shamos stealer, which leads to it running "host reconnaissance and data collection tasks, including searching for known cryptocurrency-related wallet files and sensitive credential-based files on disk".

As always, take a read for yourself to see all the details I left out! Enjoy and Happy Hunting!

Falcon Platform Prevents COOKIE SPIDER’s SHAMOS Delivery on macOS
crowdstrike.com/en-us/blog/fal

