In our recent post "Winnti Evolution - Going Open Source,” Nate Marx and I shared new details on the Winnti APT group and their continued targeting of online gaming organizations. The purpose of this follow-up post is to share some new information about the group and their continued activities. »

A common TTP of the Turla APT group has been based around watering hole attacks. In late 2016, we began observing what is now called the »

DNS is one of the most important protocols on the modern internet, and any incident responder must be intimately familiar with its inner workings to perform »

Triaging large packet captures is a daunting task, even for the most seasoned security analysts. With a mountain of data and few leads, analysts need to »

This post was originally published on July 11, 2017, in the offical ProtectWise.com blog. We have since moved it to this 401TRG blog and backdated »