all InfoSec news
Following the LNK metadata trail
Jan. 19, 2023, 2:30 p.m. | MalBot
Malware Analysis, News and Indicators - Latest topics malware.news
- Adversaries’ shift toward Shell Link (LNK) files, likely sparked by Microsoft’s decision to block macros, provides the opportunity to capitalize on information that can be provided by LNK metadata.
- Cisco Talos analyzed metadata in LNK files and correlated it with threat actors tactics techniques and procedures, to identify and track threat actor activity. This report outlines our research on Qakbot and Gamaredon as examples.
- Talos also used LNK file metadata to identify relationships among different threat actors. In this report …
actor adversaries block cisco cisco talos decision files gamaredon identify information link lnk lnk file macros metadata microsoft opportunity procedures qakbot relationships report research shell tactics tactics techniques and procedures talos techniques techniques and procedures threat threat actor threat actors
More from malware.news / Malware Analysis, News and Indicators - Latest topics
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Information Security Engineers
@ D. E. Shaw Research | New York City
Program Associate, Cyber Risk
@ Kroll | Toronto, ONT, Canada
Cybersecurity Operations Engineer 2
@ Humana | Remote US
Vice President - Lead Security Engineer (SECS04)
@ JPMorgan Chase & Co. | Columbus, OH, United States
Security Specialist
@ BGIS | Markham, ON, Canada