cobaltstrike

bruteratel cobaltstrike latrodectus
bruteratel, cobaltstrike, latrodectus
From a Single Click: How Lunar Spider Enabled a Near Two-Month Intrusion
Read more
September 29, 2025
blacksuit bruteratel cobaltstrike
blacksuit, bruteratel, cobaltstrike, ransomware, sectoprat
Fake Zoom Ends in BlackSuit Ransomware
Read more
March 31, 2025
lockbit cobaltstrike ransomware
lockbit, cobaltstrike, ransomware
Cobalt Strike and a Pair of SOCKS Lead to LockBit Ransomware
Read more
January 27, 2025
cobaltstrike more_eggs
cobaltstrike, more_eggs
The Curious Case of an Egg-Cellent Resume
Read more
December 2, 2024
cobaltstrike opendir
cobaltstrike, opendir
Inside the Open Directory of the “You Dun” Threat Group
Read more
October 28, 2024
blackcat cobaltstrike ransomware
blackcat, cobaltstrike, ransomware, sliver
Nitrogen Campaign Drops Sliver and Ends With BlackCat Ransomware
Read more
September 30, 2024
adfind blacksuit cobaltstrike
adfind, blacksuit, cobaltstrike, ransomware
BlackSuit Ransomware
Read more
August 26, 2024
alphv cobaltstrike icedid
alphv, cobaltstrike, icedid, ransomware
IcedID Brings ScreenConnect and CSharp Streamer to ALPHV Ransomware Deployment
Read more
June 10, 2024
dagonlocker adfind cobaltstrike
dagonlocker, adfind, cobaltstrike, icedid
From IcedID to Dagon Locker Ransomware in 29 Days
Read more
April 29, 2024
bluesky cobaltstrike ransomware
bluesky, cobaltstrike, ransomware
SQL Brute Force Leads to BlueSky Ransomware
Read more
December 4, 2023

The DFIR Report provides in-depth, real-world intelligence based on observed intrusions, enabling security analysts and teams 
to strengthen defenses, enhance detection, 
and accelerate response.

© 2025 The DFIR Report. All Rights Reserved. | Privacy Policy