all InfoSec news
[SANS ISC] Python Malware Using Postgresql for C2 Communications
Malware Analysis, News and Indicators - Latest topics malware.news
Today, I published the following diary on isc.sans.edu: “Python Malware Using Postgresql for C2 Communications“:
For modern malware, having access to its C2 (Command and control) is a crucial point. There are many ways to connect to a C2 server using tons of protocols, but today, HTTP remains very common because HTTP is allowed on most networks… I found a malicious Python script that is pretty well obfuscated. The applied technique reduces its VT score to 6/60! It’s …
access command command and control communications connect control edu http isc malware modern malware point postgresql protocols python sans sans.edu sans isc server today