Skip to content
  • Reports
  • Analysts
  • Services
    • Threat Intelligence
    • Detection Rules
    • DFIR Labs
      • Digital Forensics Challenge
      • Leaderboard
      • Digital Forensics Challenge Winners
      • Testimonials
    • Case Artifacts
  • Access DFIR Labs
  • Subscribe
  • Contact Us
  • Threat Intelligence
  • Detection Rules
  • DFIR Labs
    • Digital Forensics Challenge
    • Leaderboard
    • Digital Forensics Challenge Winners
    • Testimonials
  • Case Artifacts

The DFIR Report

Real Intrusions by Real Attackers, The Truth Behind the Intrusion

  • Reports
  • Analysts
  • Services
    • Threat Intelligence
    • Detection Rules
    • DFIR Labs
      • Digital Forensics Challenge
      • Leaderboard
      • Digital Forensics Challenge Winners
      • Testimonials
    • Case Artifacts
  • Access DFIR Labs
  • Subscribe
  • Contact Us
Thursday, October 09, 2025
  • Threat Intelligence
  • Detection Rules
  • DFIR Labs
    • Digital Forensics Challenge
    • Leaderboard
    • Digital Forensics Challenge Winners
    • Testimonials
  • Case Artifacts

Category: bruteratel

From a Single Click: How Lunar Spider Enabled a Near Two-Month Intrusion
bruteratel cobaltstrike latrodectus

From a Single Click: How Lunar Spider Enabled a Near Two-Month Intrusion

September 29, 2025

Key Takeaways Private Threat Briefs: 20+ private DFIR reports annually.   Contact us today for pricing or a demo!   Table of Contents: Case Summary Analysts Initial Access Execution Persistence Privilege … Read More

Fake Zoom Ends in BlackSuit Ransomware
blacksuit bruteratel cobaltstrike ransomware sectoprat

Fake Zoom Ends in BlackSuit Ransomware

March 31, 2025

Key Takeaways Case Summary This case from May 2024 started with a malicious download from a website mimicking the teleconferencing application Zoom. When visiting the website and downloading a file … Read More

Reports

Threat Intelligence

Detection Rules

DFIR Labs

Proudly powered by WordPress | Copyright 2023 | The DFIR Report | All Rights Reserved