Windows BITS Inject
SafeBreach Labs has updated the Hacker's Playbook™ with simulations for US-CERT Technical Alert TA17-164A, which covers malicious cyber activity referred to as HIDDEN COBRA. Customers can use these simulations to safely test their security controls against the specific tactics and techniques used in this campaign.
The campaign often targets Adobe Flash Player vulnerabilities to gain initial entry, after which various malware samples are used to perform attacks ranging from DDoS/disruptive attacks to data exfiltration.
To assess security control effectiveness against techniques involved in the HIDDEN COBRA campaigns, the SafeBreach Breach and Attack Simulation Platform specifically tests the following endpoint and network security controls:
Playbook #1326 - Suspicious files
Playbook #1327, #1329 - Adobe Flash exploit tools
Additional breach methods added recently include:
The SafeBreach Hacker's Playbook™ of breach methods simulates these breach scenarios, and thousands more, without impacting users or infrastructure. Breach methods are constantly updated by SafeBreach Labs, our team of offensive security researchers, to help keep customers ahead of attacks.