#HappyFriday everyone! This week I will wrap up with a #readoftheday from ThreatMon and their coverage of the #ZarazaBot. They provide technical analysis of the #credentialstealer and describe some of its behaviors! Enjoy and Happy Hunting!
Zaraza Bot: The New Russian Credential Stealer
https://threatmon.io/wp-content/uploads/2023/05/Zaraza-Bot_-The-New-Russian-Credential-Stealer.pdf
Notable MITRE ATT&CK TTPs:
TA0009 - Collection:
T1005 - Data from Local System
T1113 - Screen Capture
T1119 - Automated Collection
T1074.001 - Data Staged: Local Data Staging
TA0011 - Command and Control:
T1071 - Application Layer Protocol
T1537 - Encrypted Channel
#CyberSecurity #ITSecurity #InfoSec #BlueTeam #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting