CSIRT

CVE-2023-27997 - Forensics short notice for XORtigate

Tue 13 June 2023

Some feedbacks on what we observed in Forensics with the Pre-auth RCE on Fortigate VPN (CVE-2023-27997) in our test environment.

Read more
CSIRT

Cobalt Strike Investigation - Part 2

Thu 09 March 2023

This second part will focus on the 'jump' command in Cobalt Strike, used to establish a connection from a compromised system to the command and control (C2) server.

Read more
CSIRT

Cobalt Strike Investigation Part 1

Tue 20 September 2022

Cobalt Strike Investigation - Part 1

Read more