Skip to content
  • Reports
  • Analysts
  • Services
    • Threat Intelligence
    • Detection Rules
    • DFIR Labs
      • Capture The Flag (CTF)
      • Leaderboard
      • CTF Winners
      • Testimonials
    • Case Artifacts
    • Mentoring & Coaching Program
      • Book A Session
      • Meet The Team
  • Access DFIR Labs
  • Subscribe
  • Contact Us
  • Threat Intelligence
  • Detection Rules
  • DFIR Labs
    • Capture The Flag (CTF)
    • Leaderboard
    • CTF Winners
    • Testimonials
  • Mentoring & Coaching Program
    • Book A Session
    • Meet The Team
  • Case Artifacts

The DFIR Report

Real Intrusions by Real Attackers, The Truth Behind the Intrusion

  • Reports
  • Analysts
  • Services
    • Threat Intelligence
    • Detection Rules
    • DFIR Labs
      • Capture The Flag (CTF)
      • Leaderboard
      • CTF Winners
      • Testimonials
    • Case Artifacts
    • Mentoring & Coaching Program
      • Book A Session
      • Meet The Team
  • Access DFIR Labs
  • Subscribe
  • Contact Us
Thursday, May 29, 2025
  • Threat Intelligence
  • Detection Rules
  • DFIR Labs
    • Capture The Flag (CTF)
    • Leaderboard
    • CTF Winners
    • Testimonials
  • Mentoring & Coaching Program
    • Book A Session
    • Meet The Team
  • Case Artifacts

Category: lockbit

Confluence Exploit Leads to LockBit Ransomware
exploit lockbit ransomware

Confluence Exploit Leads to LockBit Ransomware

February 24, 2025

Key Takeaways Case Summary The intrusion started with the exploitation of CVE-2023-22527, a critical remote code execution vulnerability in Confluence, against a Windows server. The first indication of threat actor … Read More

Cobalt Strike and a Pair of SOCKS Lead to LockBit Ransomware
cobaltstrike lockbit ransomware

Cobalt Strike and a Pair of SOCKS Lead to LockBit Ransomware

January 27, 2025

Key Takeaways Case Summary This intrusion began near the end of January 2024 when the user downloaded and executed a file using the same name (setup_wm.exe) and executable icon, as … Read More

Register For Our Next CTF

Reports

Threat Intelligence

Detection Rules

DFIR Labs

Mentoring and Coaching

Proudly powered by WordPress | Copyright 2023 | The DFIR Report | All Rights Reserved