Yun Zheng Hu

Sifting through the spines: identifying (potential) Cactus ransomware victims

Authored by Willem Zeeman and Yun Zheng Hu This blog is part of a series written by various Dutch cyber security firms that have collaborated on the Cactus ransomware group, which exploits Qlik Sense servers for initial access. To view all of them please check the central blog by Dutch…

Read more
Yun Zheng Hu
Digital Forensics and Incident Response (DFIR)
Fox-IT and European Research
Vulnerability Research

April 25, 2024

7 mins read

Read more

Mining data from Cobalt Strike beacons

Since we published about identifying Cobalt Strike Team Servers in the wild just over three years ago, we’ve collected over 128,000 beacons from over 24,000 active Team Servers. Today, RIFT is making this extensive beacon dataset publicly available in combination with the open-source release of dissect.cobaltstrike, our Python library for…

Read more
Yun Zheng Hu
Detection and Threat Hunting
Fox-IT
Research
Threat Intelligence
Tool Release

March 25, 2022

9 mins read

Read more