Vulnerability Bulletins

Threat Analysis: Active C2 Discovery Using Protocol Emulation Part3 (ShadowPad)


System information

   
Affected software VMware

Description

ShadowPad is a modular malware platform privately shared with multiple PRC-linked threat actors since 2015. According to SentinelOne, ShadowPad is highly likely the successor to PlugX. Due to its prevalence in the cyber espionage field, the VMware Threat Analysis Unit (TAU) was motivated to analyze the command and control (C2) protocol to discover active ShadowPad …

The post "Threat Analysis: Active C2 Discovery Using Protocol Emulation Part3 (ShadowPad)" appeared first on VMware.

More info:

https://blogs.vmware.com/security/2022/10/threat-analysis-active-c2-discovery-using-protocol-emulation-part3-shadowpad.html?utm_source=rss&utm_medium=rss&utm_campaign=threat-analysis-active-c2-discovery-using-protocol-emulation-part3-shadowpad

Standard identifiers

Property Value
CVE

Version history

Version Comment Date
1.0 Advisory issued 2022-10-28

Members of

Ministerio de Defensa
CNI
CCN
CCN-CERT