Skip to content
  • Analysts
  • Contact Us
  • Services
  • Subscribe

The DFIR Report

Real Intrusions by Real Attackers, The Truth Behind the Intrusion

  • Analysts
  • Contact Us
  • Services
  • Subscribe
Wednesday, February 08, 2023

Category: bumblebee

BumbleBee Zeros in on Meterpreter
adfind bumblebee cobaltstrike Meterpreter

BumbleBee Zeros in on Meterpreter

November 14, 2022

In this intrusion from May 2022, the threat actors used BumbleBee as the initial access vector from a Contact Forms campaign. We have previously reported on two BumbleBee intrusions (1, … Read More

BumbleBee: Round Two
adfind bumblebee cobaltstrike Meterpreter

BumbleBee: Round Two

September 26, 2022

In this intrusion from May 2022, the threat actors used BumbleBee as the initial access vector. BumbleBee has been identified as an initial access vector utilized by several ransomware affiliates. … Read More

BumbleBee Roasts Its Way to Domain Admin
adfind bumblebee cobaltstrike Kerberoast ShareFinder

BumbleBee Roasts Its Way to Domain Admin

August 8, 2022

In this intrusion from April 2022, the threat actors used BumbleBee as the initial access vector. BumbleBee is a malware loader that was first reported by Google Threat Analysis Group … Read More

Tweets by TheDFIRReport

Copyright 2023 | The DFIR Report | All Rights Reserved