all InfoSec news
Tips on hunting down ICMP exfiltration from Windows 10.
Jan. 30, 2022, 9:18 p.m. | /u/96Retribution
cybersecurity www.reddit.com
Have a Windows 10 PC that appears to be conducting ICMP exfiltration based on pfsense logs. Sending multiple consecutive ICMP packets to know bad recipients. MS Network Monitor does not display a process name. Neither NM nor wireshark give any meaningful payload data (assuming it is encrypted). Norton power eraser says nothing found, but no surprise there as they suck. Malwarebytes says the same.
My strong preference would be NOT to wipe the machine and start over but rather ferret …
!-->cybersecurity down exfiltration hunting icmp tips windows windows 10
More from www.reddit.com / cybersecurity
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Associate Principal Security Engineer
@ Activision Blizzard | Work from Home - CA
Security Engineer- Systems Integration
@ Meta | Bellevue, WA | Menlo Park, CA | New York City
Lead Security Engineer (Digital Forensic and IR Analyst)
@ Blue Yonder | Hyderabad
Senior Principal IAM Engineering Program Manager Cybersecurity
@ Providence | Redmond, WA, United States
Information Security Analyst II or III
@ Entergy | The Woodlands, Texas, United States